Maybe this question is a little idiot, because everything can be guaranteed in business layer, but I don't know if I should make an efford to bring this kind of guarantees to the business logic layer.
Example:
I have a business logic in an ASP.NET application that the user only can access the second page of a list of products if he has been logged in. In an ASP.NET application the WebSecurity takes care about users login, so I can't call WebSecurity methods in the business layer. How can I handle with It? Only keep this laws in the UI layer?
Business Logic is a broad term that easily confuses developers to what kind of logic they are talking about. People think that "if its a client requirement then it must be a business logic".
Application Logic - These are the kinds logic that are specifically made for the application. They make sure the application runs smoothly, like filtering out garbage input for example.
Business Logic - These kinds of logic are from the problem domain. These are the real world business rules.
Example
Here is a simple exercise: The following items are validations for the user's age. Find out which one belongs to the application logic or business logic.
HINT: If the customer is trying to buy beer, the cashier will never ask if the customer's age is a numeric or if it is within the range of 1 to 100.
In the real world, the cashier is part of the business, and enforce the rules. It assumes that that the customer's age is normal, not 1000.
The business does not care if you are authenticated or not. You are there to do business, that's it
Answer to my little exercise:
Age should always be numeric, and within 1 to 100. - This validation is an application logic. It's the application's job to ensure the quality of the users input. No garbage input.
User's age must be 18 or above. This validation is a business logic. The business assumes that the input is always in correct format or range, all it has to do is check whether you are allowed to buy beer.