Performance analysis of unified enterprise application security framework

Riaz A. Shaikh; Kashif Sharif; Ejaz Ahmed

doi:10.1109/SCONEST.2005.4382878

Performance analysis of unified enterprise application security framework

Riaz A. Shaikh, Kashif Sharif, Ejaz Ahmed

School of Computing Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSI/FBI computer crime survey report almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

Original language	English
Title of host publication	2005 Student Conference on Engineering Sciences and Technology, SCONEST
DOIs	https://doi.org/10.1109/SCONEST.2005.4382878
Publication status	Published - 2005
Event	2005 Student Conference on Engineering Sciences and Technology, SCONEST - Karachi, Pakistan Duration: 27 Aug 2005 → 27 Aug 2005

Publication series

Name	2005 Student Conference on Engineering Sciences and Technology, SCONEST

Conference

Conference	2005 Student Conference on Engineering Sciences and Technology, SCONEST
Country/Territory	Pakistan
City	Karachi
Period	27/08/05 → 27/08/05

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 16 Peace, Justice and Strong Institutions

Keywords

Application
Enterprise
Security
Unified

Access to Document

10.1109/SCONEST.2005.4382878

Cite this

@inproceedings{91114af2e873462fbedaad2bca90d502,

title = "Performance analysis of unified enterprise application security framework",

abstract = "Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSI/FBI computer crime survey report almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.",

keywords = "Application, Enterprise, Security, Unified",

author = "Shaikh, {Riaz A.} and Kashif Sharif and Ejaz Ahmed",

note = "Funding Information: This research has been supported by grants from the Italian Ministry of University and Scientific and Technological Research and from the INFM National Institute for the Physics of Matter.; 2005 Student Conference on Engineering Sciences and Technology, SCONEST ; Conference date: 27-08-2005 Through 27-08-2005",

year = "2005",

doi = "10.1109/SCONEST.2005.4382878",

language = "English",

isbn = "0780394429",

series = "2005 Student Conference on Engineering Sciences and Technology, SCONEST",

booktitle = "2005 Student Conference on Engineering Sciences and Technology, SCONEST",

}

Shaikh, RA, Sharif, K & Ahmed, E 2005, Performance analysis of unified enterprise application security framework. in 2005 Student Conference on Engineering Sciences and Technology, SCONEST., 4382878, 2005 Student Conference on Engineering Sciences and Technology, SCONEST, 2005 Student Conference on Engineering Sciences and Technology, SCONEST, Karachi, Pakistan, 27/08/05. https://doi.org/10.1109/SCONEST.2005.4382878

Performance analysis of unified enterprise application security framework. / Shaikh, Riaz A.; Sharif, Kashif; Ahmed, Ejaz.
2005 Student Conference on Engineering Sciences and Technology, SCONEST. 2005. 4382878 (2005 Student Conference on Engineering Sciences and Technology, SCONEST).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Performance analysis of unified enterprise application security framework

AU - Shaikh, Riaz A.

AU - Sharif, Kashif

AU - Ahmed, Ejaz

N1 - Funding Information: This research has been supported by grants from the Italian Ministry of University and Scientific and Technological Research and from the INFM National Institute for the Physics of Matter.

PY - 2005

Y1 - 2005

N2 - Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSI/FBI computer crime survey report almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

AB - Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSI/FBI computer crime survey report almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

KW - Application

KW - Enterprise

KW - Security

KW - Unified

UR - http://www.scopus.com/inward/record.url?scp=51149083895&partnerID=8YFLogxK

U2 - 10.1109/SCONEST.2005.4382878

DO - 10.1109/SCONEST.2005.4382878

M3 - Conference contribution

AN - SCOPUS:51149083895

SN - 0780394429

SN - 9780780394421

T3 - 2005 Student Conference on Engineering Sciences and Technology, SCONEST

BT - 2005 Student Conference on Engineering Sciences and Technology, SCONEST

T2 - 2005 Student Conference on Engineering Sciences and Technology, SCONEST

Y2 - 27 August 2005 through 27 August 2005

ER -

Performance analysis of unified enterprise application security framework

Abstract

Publication series

Conference

UN SDGs

Keywords

Access to Document

Other files and links

Cite this