I am a complete beginner on the topic of security and I know that I should read this, but I have a small question to which I hope a short answer exists.
Let's say I have three components of a web-application 'talking' to each other:
- a front-end;
- a database;
- a storage component.
Each of the components resides on a physically distinct machine which has a connection to the Internet.
How, then, can a front-end machine connect to the database machine in a secure manner? How can the database machine know it is the front-end machine connecting and not an attacker?
Is there any 'best practice' for connecting two components in a physically distributed system in such a secure manner that only certain components are allowed to access certain other components, while all other sources are restricted from accessing those components?