Securing the Perimeter -  Maciej Machulak,  Michael Schwartz

Securing the Perimeter (eBook)

Deploying Identity and Access Management with Free Open Source Software
eBook Download: PDF
2018 | 1st ed.
XV, 377 Seiten
Apress (Verlag)
978-1-4842-2601-8 (ISBN)
Systemvoraussetzungen
66,99 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Leverage existing free open source software to build an identity and access management (IAM) platform that can serve your organization for the long term. With the emergence of open standards and open source software, it's now easier than ever to build and operate your own IAM stack.

The most common culprit of the largest hacks has been bad personal identification. In terms of bang for your buck, effective access control is the best investment you can make. Financially, it's more valuable to prevent than to detect a security breach. That's why Identity and Access Management (IAM) is a critical component of an organization's security infrastructure. In the past, IAM software has been available only from large enterprise software vendors. Commercial IAM offerings are bundled as 'suites' because IAM is not just one component. It's a number of components working together, including web, authentication, authorization, cryptographic, and persistence services. 

Securing the Perimeter documents a recipe to take advantage of open standards to build an enterprise-class IAM service using free open source software. This recipe can be adapted to meet the needs of both small and large organizations. While not a comprehensive guide for every application, this book provides the key concepts and patterns to help administrators and developers leverage a central security infrastructure.

Cloud IAM service providers would have you believe that managing an IAM is too hard. Anything unfamiliar is hard, but with the right road map, it can be mastered. You may find SaaS identity solutions too rigid or too expensive. Or perhaps you don't like the idea of a third party holding the credentials of your users-the keys to your kingdom. Open source IAM provides an alternative. Take control of your IAM infrastructure if digital services are key to your organization's success. 

What You'll Learn

  • Understand why you should deploy a centralized authentication and policy management infrastructure
  • Use the SAML or Open ID Standards for web or single sign-on, and OAuth for API Access Management
  • Synchronize data from existing identity repositories such as Active Directory
  • Deploy two-factor authentication services

Who This Book Is For

Security architects (CISO, CSO), system engineers/administrators, and software developers



Michael Schwartz is a domain expert on digital authentication and centralized application security policy management. Since starting an ISP in 1995, he has been directly involved in network and application security. In 2009, he founded Gluu Inc, a security software development company that has created an IAM distribution based on free open source components. In addition to his participation in several identity standards, Mike is the co-chair of the OTTO working group at the Kantara Initiative, which is developing new standards for identity federation. Mike has worked with organizations in many sectors, including finance, government, education, and enterprise. A graduate of Washington University in St. Louis, he currently resides with his family in Austin, TX.

Maciej Machulak is an expert in security, privacy and trust in the Cloud. He works on digital identity and security at HSBC. In the past, Maciej worked for various companies in the identity and access management space. He also founded and became the CEO of Cloud Identity Limited (acquired by Synergetics), a company that developed innovative security software based on proprietary and open source components. Maciej serves as the Vice-Chair of the User-Managed Access (UMA) Work Group at Kantara Initiative and is one of the authors of the award-winning UMA protocol and of two OAuth-related specifications used in Open Banking. In June 2015, Maciej was awarded the prestigious MIT Technology Review Innovators Under 35 Poland award for his work on privacy and security. Maciej is a PhD graduate from Newcastle University. Outside of work, he enjoys various outdoor activities and sports with his family.


Leverage existing free open source software to build an identity and access management (IAM) platform that can serve your organization for the long term. With the emergence of open standards and open source software, it's now easier than ever to build and operate your own IAM stack.The most common culprit of the largest hacks has been bad personal identification. In terms of bang for your buck, effective access control is the best investment you can make. Financially, it's more valuable to prevent than to detect a security breach. That's why Identity and Access Management (IAM) is a critical component of an organization's security infrastructure. In the past, IAM software has been available only from large enterprise software vendors. Commercial IAM offerings are bundled as "e;suites"e; because IAM is not just one component. It's a number of components working together, including web, authentication, authorization, cryptographic, and persistence services. Securing the Perimeter documents a recipe to take advantage of open standards to build an enterprise-class IAM service using free open source software. This recipe can be adapted to meet the needs of both small and large organizations. While not a comprehensive guide for every application, this book provides the key concepts and patterns to help administrators and developers leverage a central security infrastructure.Cloud IAM service providers would have you believe that managing an IAM is too hard. Anything unfamiliar is hard, but with the right road map, it can be mastered. You may find SaaS identity solutions too rigid or too expensive. Or perhaps you don't like the idea of a third party holding the credentials of your users-the keys to your kingdom. Open source IAM provides an alternative. Take control of your IAM infrastructure if digital services are key to your organization's success. What You'll Learn Understand why you should deploy a centralized authentication and policy management infrastructureUse the SAML or Open ID Standards for web or single sign-on, and OAuth for API Access ManagementSynchronize data from existing identity repositories such as Active DirectoryDeploy two-factor authentication servicesWho This Book Is For Security architects (CISO, CSO), system engineers/administrators, and software developers

Michael Schwartz is a domain expert on digital authentication and centralized application security policy management. Since starting an ISP in 1995, he has been directly involved in network and application security. In 2009, he founded Gluu Inc, a security software development company that has created an IAM distribution based on free open source components. In addition to his participation in several identity standards, Mike is the co-chair of the OTTO working group at the Kantara Initiative, which is developing new standards for identity federation. Mike has worked with organizations in many sectors, including finance, government, education, and enterprise. A graduate of Washington University in St. Louis, he currently resides with his family in Austin, TX.Maciej Machulak is an expert in security, privacy and trust in the Cloud. He works on digital identity and security at HSBC. In the past, Maciej worked for various companies in the identity and access management space. He also founded and became the CEO of Cloud Identity Limited (acquired by Synergetics), a company that developed innovative security software based on proprietary and open source components. Maciej serves as the Vice-Chair of the User-Managed Access (UMA) Work Group at Kantara Initiative and is one of the authors of the award-winning UMA protocol and of two OAuth-related specifications used in Open Banking. In June 2015, Maciej was awarded the prestigious MIT Technology Review Innovators Under 35 Poland award for his work on privacy and security. Maciej is a PhD graduate from Newcastle University. Outside of work, he enjoys various outdoor activities and sports with his family.

Chapter 1: Introduction.- Chapter 2: LDAP.- Chapter 3: SAML.- Chapter 4: Oauth.- Chapter 5: OpenID Connect.- Chapter 6: Proxy.- Chapter 7: Strong Authentication.- Chapter 8: User-Managed Access.- Chapter 9: Identity Management.- Chapter 10: Multiparty Federation.-

Erscheint lt. Verlag 12.12.2018
Zusatzinfo XV, 377 p. 134 illus.
Verlagsort Berkeley
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Software Entwicklung
Schlagworte 2FA • federation • Fido • Free Open Source Software • IAM • Identity • Identity and Access Management • LDAP • MFA • Mobile • OAuth • OpenID • PKI • SAML • security • SSO • U2F • x.509
ISBN-10 1-4842-2601-1 / 1484226011
ISBN-13 978-1-4842-2601-8 / 9781484226018
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 10,9 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99