The PEI framework for application-centric security

Ravi Sandhu

5th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing

Research Article

The PEI framework for application-centric security

Download453 downloads

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.4108/ICST.COLLABORATECOM2009.8382 ,
    author={Ravi Sandhu},
    title={The PEI framework for application-centric security},
    proceedings={5th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing},
    proceedings_a={COLLABORATECOM},
    year={2009},
    month={12},
    keywords={Application software Books Computer security Data security Database systems History Information security Invasive software Lattices Operating systems},
    doi={10.4108/ICST.COLLABORATECOM2009.8382 }
}

Ravi Sandhu
Year: 2009
The PEI framework for application-centric security
COLLABORATECOM
ICST
DOI: 10.4108/ICST.COLLABORATECOM2009.8382

Ravi Sandhu¹^,*

1: Executive Director and Endowed Professor, Institute for Cyber Security, University of Texas at San Antonio

*Contact email: ravi.sandhu@utsa.edu

Abstract

This paper motivates the fundamental importance of application context for security. It then gives an overview of the PEI framework for application-centric security and outlines some of the lessons learned in applying this framework. PEI stands for Policy, Enforcement and Implementation, signifying three distinct layers at which security policy and design decisions need to be made. The framework was introduced by this author in 2006 [35]. It is closely related to the earlier OM-AM framework also introduced by this author in 2000 [32].

Keywords: Application software Books Computer security Data security Database systems History Information security Invasive software Lattices Operating systems

Published: 2009-12-28

: http://dx.doi.org/10.4108/ICST.COLLABORATECOM2009.8382

The PEI framework for application-centric security

Abstract

About EAI

Community

Publish with EAI