Enterprise Level Security: Securing Information Systems in an Uncertain World

William R. Simpson

  • 出版商: Auerbach Publication
  • 出版日期: 2016-05-13
  • 售價: $4,510
  • 貴賓價: 9.5$4,285
  • 語言: 英文
  • 頁數: 429
  • 裝訂: Hardcover
  • ISBN: 1498764452
  • ISBN-13: 9781498764452
  • 相關分類: 資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Enterprise Level Security: Securing Information Systems in an Uncertain World provides a modern alternative to the fortress approach to security. The new approach is more distributed and has no need for passwords or accounts. Global attacks become much more difficult, and losses are localized, should they occur. The security approach is derived from a set of tenets that form the basic security model requirements. Many of the changes in authorization within the enterprise model happen automatically. Identities and claims for access occur during each step of the computing process.

Many of the techniques in this book have been piloted. These techniques have been proven to be resilient, secure, extensible, and scalable. The operational model of a distributed computer environment defense is currently being implemented on a broad scale for a particular enterprise.

The first section of the book comprises seven chapters that cover basics and philosophy, including discussions on identity, attributes, access and privilege, cryptography, the cloud, and the network. These chapters contain an evolved set of principles and philosophies that were not apparent at the beginning of the project.

The second section, consisting of chapters eight through twenty-two, contains technical information and details obtained by making painful mistakes and reworking processes until a workable formulation was derived. Topics covered in this section include claims-based authentication, credentials for access claims, claims creation, invoking an application, cascading authorization, federation, and content access control. This section also covers delegation, the enterprise attribute ecosystem, database access, building enterprise software, vulnerability analyses, the enterprise support desk, and network defense.

商品描述(中文翻譯)

《企業級安全:在不確定的世界中保護資訊系統》提供了一種現代的安全替代方案,取代了傳統的堡壘式安全方法。這種新方法更加分散,無需密碼或帳戶。全球性攻擊變得更加困難,若發生損失也會局部化。這種安全方法源自一組基本的安全模型要求。企業模型中的許多授權變更是自動發生的。身份和訪問聲明在計算過程的每一步中都會出現。

本書中的許多技術已經過試點,這些技術已被證明具有韌性、安全性、可擴展性和可擴充性。分散式計算環境防禦的操作模型目前正在某個特定企業中大規模實施。

本書的第一部分包含七章,涵蓋基礎知識和哲學,包括對身份、屬性、訪問和特權、密碼學、雲端和網路的討論。這些章節包含了一套進化的原則和哲學,這些在項目開始時並不明顯。

第二部分由第八章至第二十二章組成,包含了通過痛苦的錯誤和重新加工過程所獲得的技術資訊和細節,直到得出可行的公式。這部分涵蓋的主題包括基於聲明的身份驗證、訪問聲明的憑證、聲明創建、調用應用程式、級聯授權、聯邦和內容訪問控制。這部分還涵蓋了委派、企業屬性生態系統、數據庫訪問、企業軟體建設、漏洞分析、企業支援服務台和網路防禦。