The present invention provides an efficient application oriented security model. Prior to execution, an application is authenticated, and security information associated with the application is retrieved. The security information is then used to generate a token that is attached to the application. The security information may include a principle account associated with the application, a list of group accounts, and a corresponding privilege list.