Comparative analysis and design philosophy of next generation unified enterprise application security

Unified enterprise application security is a newly emerging approach for providing protection against application level attacks. Conventional application security approaches that embed security into each critical application results into scattered security mechanism, which is not only difficult to m...

Full description

Saved in:
Bibliographic Details
Main Authors: Shaikh, R.A., Rajput, S., Zaidi, S.M.H., Sharif, K.
Format: Conference Proceeding
Language:English
Subjects:
Access control
Application software
Authentication
Computer architecture
Computer industry
Identity management systems
Industrial control
Information security
Protection
Scattering
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 524
container_issue
container_start_page 517
container_title
container_volume
creator Shaikh, R.A.
Rajput, S.
Zaidi, S.M.H.
Sharif, K.
description Unified enterprise application security is a newly emerging approach for providing protection against application level attacks. Conventional application security approaches that embed security into each critical application results into scattered security mechanism, which is not only difficult to manage but also creates security loopholes. Therefore, new unified enterprise application security concept is evolving in the industry that consists of centralized authentication, access control, incident response and auditing. Industries such as Computer Associate, Cerebit, Entrust, Evidian, IBM Tivoli, Netegrity, Ohlix and SunOne have comes up with the identity and access management solutions that are based on this concept. Significant amount of misunderstanding exists in the industry and research community about appropriate features of such a unified product. Therefore we have proposed new enterprise application security (EAS) comparison framework to compare existing enterprise application security products. This framework helps an enterprise in selecting appropriate application security product. From comparison we found that Computer Associate and Netegrity solutions are the best available solutions, however none of the current available solutions are providing complete enterprise application security. Therefore we have proposed new unified enterprise application security architecture. This architecture provides all basic information security and other critical services such as, auditing, reporting, authentication, access control, confidentiality, integrity, commitment to standards, incident response, scalability. flexibility, manageability, and compliance of regulatory mandates.
doi_str_mv 10.1109/ICET.2005.1558935
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1558935</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1558935</ieee_id><sourcerecordid>1558935</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-35877f54f93a934c6722d5e35a41c5c2a906e7c534f3c1cf7d4137d6d6a3ff073</originalsourceid><addsrcrecordid>eNotUMFKAzEUDIig1n6AeMkPbE3yks3mKEvVQsFLPZeQvLSRbTZstuL-vSvtXGZgmGEYQp44W3HOzMumXe9WgjG14ko1BtQNeWC6YWCE1PqOLEv5ZjPAyNqIe4Jtf8p2sGP8QWqT7aYSyyw89VjiIdF8jF1f-nycaB9owt-RHjDhf6JP9JxiiOgpphGHPMQyl-TcRXexC7rzEMfpkdwG2xVcXnlBvt7Wu_aj2n6-b9rXbRW5VmMFqtE6KBkMWAPS1VoIrxCUldwpJ6xhNWqnQAZw3AXtJQfta19bCIFpWJDnS29ExP2852SHaX99Av4AH6lWng</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Comparative analysis and design philosophy of next generation unified enterprise application security</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Shaikh, R.A. ; Rajput, S. ; Zaidi, S.M.H. ; Sharif, K.</creator><creatorcontrib>Shaikh, R.A. ; Rajput, S. ; Zaidi, S.M.H. ; Sharif, K.</creatorcontrib><description>Unified enterprise application security is a newly emerging approach for providing protection against application level attacks. Conventional application security approaches that embed security into each critical application results into scattered security mechanism, which is not only difficult to manage but also creates security loopholes. Therefore, new unified enterprise application security concept is evolving in the industry that consists of centralized authentication, access control, incident response and auditing. Industries such as Computer Associate, Cerebit, Entrust, Evidian, IBM Tivoli, Netegrity, Ohlix and SunOne have comes up with the identity and access management solutions that are based on this concept. Significant amount of misunderstanding exists in the industry and research community about appropriate features of such a unified product. Therefore we have proposed new enterprise application security (EAS) comparison framework to compare existing enterprise application security products. This framework helps an enterprise in selecting appropriate application security product. From comparison we found that Computer Associate and Netegrity solutions are the best available solutions, however none of the current available solutions are providing complete enterprise application security. Therefore we have proposed new unified enterprise application security architecture. This architecture provides all basic information security and other critical services such as, auditing, reporting, authentication, access control, confidentiality, integrity, commitment to standards, incident response, scalability. flexibility, manageability, and compliance of regulatory mandates.</description><identifier>ISBN: 0780392477</identifier><identifier>ISBN: 9780780392472</identifier><identifier>DOI: 10.1109/ICET.2005.1558935</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access control ; Application software ; Authentication ; Computer architecture ; Computer industry ; Identity management systems ; Industrial control ; Information security ; Protection ; Scattering</subject><ispartof>Proceedings of the IEEE Symposium on Emerging Technologies, 2005, 2005, p.517-524</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1558935$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,4050,4051,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1558935$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Shaikh, R.A.</creatorcontrib><creatorcontrib>Rajput, S.</creatorcontrib><creatorcontrib>Zaidi, S.M.H.</creatorcontrib><creatorcontrib>Sharif, K.</creatorcontrib><title>Comparative analysis and design philosophy of next generation unified enterprise application security</title><title>Proceedings of the IEEE Symposium on Emerging Technologies, 2005</title><addtitle>ICET</addtitle><description>Unified enterprise application security is a newly emerging approach for providing protection against application level attacks. Conventional application security approaches that embed security into each critical application results into scattered security mechanism, which is not only difficult to manage but also creates security loopholes. Therefore, new unified enterprise application security concept is evolving in the industry that consists of centralized authentication, access control, incident response and auditing. Industries such as Computer Associate, Cerebit, Entrust, Evidian, IBM Tivoli, Netegrity, Ohlix and SunOne have comes up with the identity and access management solutions that are based on this concept. Significant amount of misunderstanding exists in the industry and research community about appropriate features of such a unified product. Therefore we have proposed new enterprise application security (EAS) comparison framework to compare existing enterprise application security products. This framework helps an enterprise in selecting appropriate application security product. From comparison we found that Computer Associate and Netegrity solutions are the best available solutions, however none of the current available solutions are providing complete enterprise application security. Therefore we have proposed new unified enterprise application security architecture. This architecture provides all basic information security and other critical services such as, auditing, reporting, authentication, access control, confidentiality, integrity, commitment to standards, incident response, scalability. flexibility, manageability, and compliance of regulatory mandates.</description><subject>Access control</subject><subject>Application software</subject><subject>Authentication</subject><subject>Computer architecture</subject><subject>Computer industry</subject><subject>Identity management systems</subject><subject>Industrial control</subject><subject>Information security</subject><subject>Protection</subject><subject>Scattering</subject><isbn>0780392477</isbn><isbn>9780780392472</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2005</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotUMFKAzEUDIig1n6AeMkPbE3yks3mKEvVQsFLPZeQvLSRbTZstuL-vSvtXGZgmGEYQp44W3HOzMumXe9WgjG14ko1BtQNeWC6YWCE1PqOLEv5ZjPAyNqIe4Jtf8p2sGP8QWqT7aYSyyw89VjiIdF8jF1f-nycaB9owt-RHjDhf6JP9JxiiOgpphGHPMQyl-TcRXexC7rzEMfpkdwG2xVcXnlBvt7Wu_aj2n6-b9rXbRW5VmMFqtE6KBkMWAPS1VoIrxCUldwpJ6xhNWqnQAZw3AXtJQfta19bCIFpWJDnS29ExP2852SHaX99Av4AH6lWng</recordid><startdate>2005</startdate><enddate>2005</enddate><creator>Shaikh, R.A.</creator><creator>Rajput, S.</creator><creator>Zaidi, S.M.H.</creator><creator>Sharif, K.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2005</creationdate><title>Comparative analysis and design philosophy of next generation unified enterprise application security</title><author>Shaikh, R.A. ; Rajput, S. ; Zaidi, S.M.H. ; Sharif, K.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-35877f54f93a934c6722d5e35a41c5c2a906e7c534f3c1cf7d4137d6d6a3ff073</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2005</creationdate><topic>Access control</topic><topic>Application software</topic><topic>Authentication</topic><topic>Computer architecture</topic><topic>Computer industry</topic><topic>Identity management systems</topic><topic>Industrial control</topic><topic>Information security</topic><topic>Protection</topic><topic>Scattering</topic><toplevel>online_resources</toplevel><creatorcontrib>Shaikh, R.A.</creatorcontrib><creatorcontrib>Rajput, S.</creatorcontrib><creatorcontrib>Zaidi, S.M.H.</creatorcontrib><creatorcontrib>Sharif, K.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE/IET Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Shaikh, R.A.</au><au>Rajput, S.</au><au>Zaidi, S.M.H.</au><au>Sharif, K.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Comparative analysis and design philosophy of next generation unified enterprise application security</atitle><btitle>Proceedings of the IEEE Symposium on Emerging Technologies, 2005</btitle><stitle>ICET</stitle><date>2005</date><risdate>2005</risdate><spage>517</spage><epage>524</epage><pages>517-524</pages><isbn>0780392477</isbn><isbn>9780780392472</isbn><abstract>Unified enterprise application security is a newly emerging approach for providing protection against application level attacks. Conventional application security approaches that embed security into each critical application results into scattered security mechanism, which is not only difficult to manage but also creates security loopholes. Therefore, new unified enterprise application security concept is evolving in the industry that consists of centralized authentication, access control, incident response and auditing. Industries such as Computer Associate, Cerebit, Entrust, Evidian, IBM Tivoli, Netegrity, Ohlix and SunOne have comes up with the identity and access management solutions that are based on this concept. Significant amount of misunderstanding exists in the industry and research community about appropriate features of such a unified product. Therefore we have proposed new enterprise application security (EAS) comparison framework to compare existing enterprise application security products. This framework helps an enterprise in selecting appropriate application security product. From comparison we found that Computer Associate and Netegrity solutions are the best available solutions, however none of the current available solutions are providing complete enterprise application security. Therefore we have proposed new unified enterprise application security architecture. This architecture provides all basic information security and other critical services such as, auditing, reporting, authentication, access control, confidentiality, integrity, commitment to standards, incident response, scalability. flexibility, manageability, and compliance of regulatory mandates.</abstract><pub>IEEE</pub><doi>10.1109/ICET.2005.1558935</doi><tpages>8</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 0780392477
ispartof Proceedings of the IEEE Symposium on Emerging Technologies, 2005, 2005, p.517-524
issn
language eng
recordid cdi_ieee_primary_1558935
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Access control
Application software
Authentication
Computer architecture
Computer industry
Identity management systems
Industrial control
Information security
Protection
Scattering
title Comparative analysis and design philosophy of next generation unified enterprise application security
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T15%3A41%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Comparative%20analysis%20and%20design%20philosophy%20of%20next%20generation%20unified%20enterprise%20application%20security&rft.btitle=Proceedings%20of%20the%20IEEE%20Symposium%20on%20Emerging%20Technologies,%202005&rft.au=Shaikh,%20R.A.&rft.date=2005&rft.spage=517&rft.epage=524&rft.pages=517-524&rft.isbn=0780392477&rft.isbn_list=9780780392472&rft_id=info:doi/10.1109/ICET.2005.1558935&rft_dat=%3Cieee_6IE%3E1558935%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-35877f54f93a934c6722d5e35a41c5c2a906e7c534f3c1cf7d4137d6d6a3ff073%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1558935&rfr_iscdi=true