In his latest post, Chris Shiflett links to more information from Andrew van der Stock about his proposed PHP security architecture.
Andrew van der Stock has started providing more details about a proposed security architecture for PHP, beginning with the SABSA (Sherwood Applied Business Security Architecture) approach. This approach is broken down into layers:
He describes each of these layers and how they relate to PHP, and he also hints that more details are coming.
Andrew's post, a follow-up from previous posts, maps out the structure above visually, and provides this link to a book published dealing with a business-driven security approach...