Performance analysis of unified enterprise application security framework

Riaz A. Shaikh, Kashif Sharif, Ejaz Ahmed

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSI/FBI computer crime survey report almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

Original languageEnglish
Title of host publication2005 Student Conference on Engineering Sciences and Technology, SCONEST
DOIs
Publication statusPublished - 2005
Event2005 Student Conference on Engineering Sciences and Technology, SCONEST - Karachi, Pakistan
Duration: 27 Aug 200527 Aug 2005

Publication series

Name2005 Student Conference on Engineering Sciences and Technology, SCONEST

Conference

Conference2005 Student Conference on Engineering Sciences and Technology, SCONEST
Country/TerritoryPakistan
CityKarachi
Period27/08/0527/08/05

Keywords

  • Application
  • Enterprise
  • Security
  • Unified

Cite this