Title: Performance
Analysis of Unified Enterprise Application Security Framework
Abstract: Unified
Enterprise application security is a new emerging approach for providing
protection against application level attacks. Conventional application security
approach that consists of embedding security into each critical application
leads towards scattered security mechanism that is not only difficult to
manage but also creates security loopholes. According to the CSI/FBI
computer crime survey report, almost 80% of the security breaches come from
authorized users. In this paper, we have worked on the concept of unified
security model, which manages all security aspect from a single security
window. The basic idea is to keep business functionality separate from security
components of the application. Our main focus was on the designing of frame
work for unified layer which supports single point of policy control, centralize
logging mechanism, granular, context aware access control, and independent
from any underlying authentication technology and authorization policy.