DATA SECURITY FOR ENTERPRISE APPLICATIONS- A UNINVERSAL APPROACH

Abstract

Securing application data and controlling its access is one of the key issues in implementing applications. Very often we disign and even deploy systems without the security layer. Is security really an add-on functionality? Described is a generic implementation of security that can be uniformly used and can also be easily added to existing applications. The paper covers common security issues, the need for controlling functional access through functional classes, and also describes a typical implementation of the same. The paper also addresses authorizations and routing. Adding authorization functionality to existing applications is easy and implemented with small efforts to add real value to the application. A typical implementation of authorities and associated workflow in applications is also discussed. The paper also touches upon the issues and concerns for securing on the WEB.