Enterprise Level Security - William R. Simpson

Enterprise Level Security

Securing Information Systems in an Uncertain World
Buch | Hardcover
428 Seiten
2016
Auerbach Publishers Inc. (Verlag)
978-1-4987-6445-2 (ISBN)
124,65 inkl. MwSt
Enterprise Level Security: Securing Information Systems in an Uncertain World provides a modern alternative to the fortress approach to security. The new approach is more distributed and has no need for passwords or accounts. Global attacks become much more difficult, and losses are localized, should they occur. The security approach is derived from a set of tenets that form the basic security model requirements. Many of the changes in authorization within the enterprise model happen automatically. Identities and claims for access occur during each step of the computing process.

Many of the techniques in this book have been piloted. These techniques have been proven to be resilient, secure, extensible, and scalable. The operational model of a distributed computer environment defense is currently being implemented on a broad scale for a particular enterprise.

The first section of the book comprises seven chapters that cover basics and philosophy, including discussions on identity, attributes, access and privilege, cryptography, the cloud, and the network. These chapters contain an evolved set of principles and philosophies that were not apparent at the beginning of the project.

The second section, consisting of chapters eight through twenty-two, contains technical information and details obtained by making painful mistakes and reworking processes until a workable formulation was derived. Topics covered in this section include claims-based authentication, credentials for access claims, claims creation, invoking an application, cascading authorization, federation, and content access control. This section also covers delegation, the enterprise attribute ecosystem, database access, building enterprise software, vulnerability analyses, the enterprise support desk, and network defense.

Dr. William R. Simpson earned his bachelor of science in aerospace engineering from Virginia Polytechnic Institute and State University, a master of science and a doctor of philosophy in aeronautical and astronautical engineering from Ohio State University, and a master of science in administration from George Washington University. He has held academic positions at George Mason University, Old Dominion University, the University of Maryland, and Ohio State University. He has held industry positions at the US Naval Air Test Center, the Center for Naval Analyses, the ARINC Research Corporation, and the Institute for Defense Analyses.

Introduction. BASICS AND PHILOSOPHY. Identity. Attributes. Access and Privilege. Cryptography. The Cloud. The Network. TECHNICAL DETAILS. Claims-Based Authentication. Credentials for Access Claims. Claims Creation. Invoking an Application. Cascading Authorization. Federation. Content Access Control. Delegation. The Enterprise Attribute Ecosystem. Database Access. Building Enterprise Software. Vulnerability Analyses. An Enterprise Support Desk. Network Defense. Concluding Remarks. Appendix. Bibliography.

Erscheinungsdatum
Zusatzinfo 28 Tables, black and white; 112 Illustrations, black and white
Sprache englisch
Maße 156 x 234 mm
Gewicht 703 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Sozialwissenschaften Politik / Verwaltung Europäische / Internationale Politik
ISBN-10 1-4987-6445-2 / 1498764452
ISBN-13 978-1-4987-6445-2 / 9781498764452
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00