Enterprise Level Security : Securing Information Systems in an Uncertain World

個数：

Enterprise Level Security : Securing Information Systems in an Uncertain World

Simpson, William R.

ウェブストア価格 ¥33,580（本体¥30,528）
Auerbach Publishers Inc.（2016/05発売）
外貨定価 US$ 150.00
ポイント 305pt

在庫がございません。海外の書籍取次会社を通じて出版社等からお取り寄せいたします。
通常6～9週間ほどで発送の見込みですが、商品によってはさらに時間がかかることもございます。
【重要ご説明事項】
1. 納期遅延や、ご入手不能となる場合がございます。
2. 複数冊ご注文の場合は、ご注文数量が揃ってからまとめて発送いたします。
3. 美品のご指定は承りかねます。

●3Dセキュア導入とクレジットカードによるお支払いについて

【入荷遅延について】
世界情勢の影響により、海外からお取り寄せとなる洋書・洋古書の入荷が、表示している標準的な納期よりも遅延する場合がございます。
おそれいりますが、あらかじめご了承くださいますようお願い申し上げます。

◆画像の表紙や帯等は実物とは異なる場合があります。

◆ウェブストアでの洋書販売価格は、弊社店舗等での販売価格とは異なります。
また、洋書販売価格は、ご注文確定時点での日本円価格となります。
ご注文確定後に、同じ洋書の販売価格が変動しても、それは反映されません。

製本 Hardcover:ハードカバー版／ページ数 428 p.
言語 ENG
商品コード 9781498764452
DDC分類 005.8

Full Description

Enterprise Level Security: Securing Information Systems in an Uncertain World provides a modern alternative to the fortress approach to security. The new approach is more distributed and has no need for passwords or accounts. Global attacks become much more difficult, and losses are localized, should they occur. The security approach is derived from a set of tenets that form the basic security model requirements. Many of the changes in authorization within the enterprise model happen automatically. Identities and claims for access occur during each step of the computing process.

Many of the techniques in this book have been piloted. These techniques have been proven to be resilient, secure, extensible, and scalable. The operational model of a distributed computer environment defense is currently being implemented on a broad scale for a particular enterprise.

The first section of the book comprises seven chapters that cover basics and philosophy, including discussions on identity, attributes, access and privilege, cryptography, the cloud, and the network. These chapters contain an evolved set of principles and philosophies that were not apparent at the beginning of the project.

The second section, consisting of chapters eight through twenty-two, contains technical information and details obtained by making painful mistakes and reworking processes until a workable formulation was derived. Topics covered in this section include claims-based authentication, credentials for access claims, claims creation, invoking an application, cascading authorization, federation, and content access control. This section also covers delegation, the enterprise attribute ecosystem, database access, building enterprise software, vulnerability analyses, the enterprise support desk, and network defense.

Introduction. BASICS AND PHILOSOPHY. Identity. Attributes. Access and Privilege. Cryptography. The Cloud. The Network. TECHNICAL DETAILS. Claims-Based Authentication. Credentials for Access Claims. Claims Creation. Invoking an Application. Cascading Authorization. Federation. Content Access Control. Delegation. The Enterprise Attribute Ecosystem. Database Access. Building Enterprise Software. Vulnerability Analyses. An Enterprise Support Desk. Network Defense. Concluding Remarks. Appendix. Bibliography.