I just started to work on my thesis to finish my studies. However the field in which I write my thesis is pretty much new to me. I have the task to build a "Remote-Access Strategy/Architecture" to create a secure end-to-end connection.
One endpoint of the connection is BI ( meaning: numbers, web-, databaseservers, LDAP ).
The other end is supposed to be a smartphone ( iOS or Android ).
I started my research with a lot of reading regarding security standards like ISO27k, BSI Grundschutz and so on. I can't lose the feeling that those securitystandards are a bit to broad for the start of my research.
Those standards provide a great start into commercial security, but they also cover security in the form of natural disasters.
I'm searching for some security papers which show the security architecture of websites or webservices, show which technologies are in use ( SSL, DMZ, Firewalls, SSL-Termination).
My plan is to analyze those architectures and to learn from them.
Do you know any good books, studies or other security material which could give me a good start into this topic?
P.s. I know that web/webserice security doesn't cover the loss of the device ( which would probably be a big risk in a mobile environment)