ABSTRACT
Designing, implementing, and administering application security architectures that address and resolve user identification, authentication, and data access controls has become increasingly challenging as technologies transition from a mainframe architecture, to the multiple-tier client/server models, to the newest World Wide Web-based application configurations. Within the mainframe environment, software access control utilities are typically controlled by one or more security officers, who add, change, and delete rules to accommodate the organization’s policy compliance.
