Enterprise level security 1 & 2. (2020)
- Record Type:
- Book
- Title:
- Enterprise level security 1 & 2. (2020)
- Main Title:
- Enterprise level security 1 & 2
- Further Information:
- Note: Kevin E. Foltz, William R. Simpson.
- Authors:
- Foltz, Kevin E
Simpson, William Randolph, 1946-
- Contents:
- Enterprise Level Security (1) 1 Introduction 1.1 Problem Description 1.1.1 Success beyond Anticipation 1.1.2 But, It Started Long before That 1.1.2.1 A Brief History of the Development of the WWW 1.1.3 Fast-Forward to Today 1.2 What Is Enterprise Level Security?
1.3 Distributed versus Centralized Security 1.3.1 Case Study: Boat Design 1.3.2 Case Study Enterprise Information Technology Environment 1.3.3 Security Aspects 1.3.3.1 Confidentiality 1.3.3.2 Integrity 1.3.3.3 Availability 1.3.3.4 Authenticity 1.3.3.5 Nonrepudiation 1.4 Crafting a Security Model 1.4.1 The Assumptions 1.4.2 Tenets: Digging beneath the Security Aspects 1.5 Entities and Claims 1.5.1 Credentialing 1.6 Robust Assured Information Sharing 1.6.1 Security Requirements 1.6.2 Security Mechanisms 1.6.3 Goals and Assumptions of IA Architecture 1.6.4 Assumptions 1.6.5 A Framework for Entities in Distributed Systems 1.7 Key Concepts 1.7.1 ELS-Specific Concepts 1.7.2 Mapping between Tenets and Key Concepts 1.7.3 Enterprise-Level Derived Requirements 1.7.4 Mapping between Key Concepts and Derived Requirements 1.8 Two Steps Forward and One Step Back 1.9 The Approximate Time-Based Crafting 1.10 Summary SECTION I BASICS AND PHILOSOPHY 2 Identity 2.1 Who Are You? 2.2 Naming 2.3 Identity and Naming: Case Study 2.4 Implications for Information Security 2.5 Personas 2.6 Identity Summary 3 Attributes 3.1 Facts and Descriptors 3.2 An Attribute Ecosystem 3.3 Data Sanitization 3.3.1 Guarded and Filtered Inputs 3.3.2 Guard Administrator Web Interface 3.3.3 Integrity in Attribute Stores 3.3.4 Secure Data Acquisition 3.3.5 Integrity at the Source 3.4 Temporal Data 3.5 Credential Data 3.6 Distributed Stores 4 Access and Privilege 4.1 Access Control 4.2 Authorization and Access in General 4.3 Access Control List 4.3.1 Group Requirements 4.3.2 Role Requirements 4.3.3 ACRs and ACLs 4.3.4 Discretionary Access Control and Mandatory Access Control 4.4 Complex Access Control Schemas 4.5 Privilege 4.6 Concept of Least Privilege 4.6.1 Least Privilege Case Study 5 Cryptography 5.1 Introduction 5.2 Cryptographic Keys and Key Management 5.2.1 Asymmetric Key Pairs 5.2.1.1 RSA Key Generation 5.3 Symmetric Keys 5.3.1 TLS Mutual Authentication Key Production 5.3.2 Other Key Production 5.4 Store
Keys 5.5 Delete Keys 5.6 Encryption 5.7 Symmetric versus Asymmetric Encryption Algorithms 5.7.1 Asymmetric Encryption 5.7.2 RSA Asymmetric Encryption 5.7.3 Combination of Symmetric and Asymmetric Encryption 5.7.4 Symmetric Encryption 5.7.4.1 Stream Ciphers 5.7.4.2 Block Ciphers 5.7.5 AES/Rijndael Encryption 5.7.5.1 Description of the AES Cipher 5.7.6 Data Encryption Standard 5.7.6.1 Triple DES 5.7.6.2 Description of the Triple DES Cipher 5.8 Decryption 5.8.1 Asymmetric Decryption 5.8.2 Symmetric Decryption 5.9 Hash Function 5.9.1 Hash Function Algorithms 5.9.2 Hashing with Cryptographic Hash Function 5.9.2.1 MD-5 5.9.2.2 SHA-3-Defined SHA-512 5.10 Signatures 5.10.1 XML Signature 5.10.2 S/MIME Signature 5.10.3 E-Content Signature 5.11 A Note on Cryptographic Key Lengths 5.11.1 Encryption Key Discovery 5.11.2 The High-Performance Dilemma 5.11.3 Parallel Decomposition of Key Discovery 5.12 Internet Protocol Security 5.13 Other Cryptographic Services 5.14 The Java Cryptography Extension 5.15 Data at Rest 5.16 Data in Motion 6 The Cloud 6.1 The Promise of Cloud Computing 6.2 Benefits of the Cloud 6.3 Drawbacks of Cloud Usage 6.3.1 Differences from Traditional Data Centers 6.3.2 Some Changes in the Threat Scenario 6.4 Challenges for the Cloud and High Assurance 6.5 Cloud Accountability, Monitoring, and Forensics 6.5.1 Accountability 6.5.2 Monitoring 6.5.3 Knowledge Repository 6.5.4 Forensic Tools 6.6 Standard Requirements for Cloud Forensics 7 The Network 7.1 The Network Entities 7.1.1 Most Passive Elements 7.1.2 Issues of the Most Passive Devices 7.1.3 The Convenience Functions 7.1.4 Issues for the Convenience Functions 7.1.5 Content Analyzers 7.1.6 Issues for Content Analyzers SECTION II TECHNICAL DETAILS 8 Claims-Based Authentication 8.1 Authentication and Identity 8.2 Credentials in the Enterprise 8.3 Authentication in the Enterprise 8.3.1 Certificate Credentials 8.3.2 Registration 8.3.3 Authentication 8.4 Infrastructure Security Component Interactions 8.4.1 Interactions
Triggered by a User Request for Service 8.4.2 Interaction Triggered by a Service Request 8.5 Compliance Testing 8.6 Federated Authentication 8.6.1 Naming and Identity 8.6.2 Translation of Claims or Identities 8.6.3 Data Requirements 8.6.4 Other Issues 9 Credentials for Access Claims 9.1 Security Assertion Markup Language 9.2 Access Control Implemented in the Web Service 9.3 Establishing Least Privilege 9.4 Default Values 9.5 Creating an SAML Token 9.6 Scaling of the STS for High Assurance Architectures 9.7 Rules for Maintaining High Assurance during Scale-Up 10 Claims Creation 10.1 Access Control Requirements at the Services 10.1.1 Discretionary Access Control List 10.1.2 Mandatory Access Control 10.1.3 Access Control Logic 10.2 Access Control Requirement 10.3 Enterprise Service Registry 10.4 Claims Engine 10.5 Computed Claims Record 11 Invoking an Application 11.1 Active Entities 11.2 Claims-Based Access Control 11.2.1 Authorization in the Enterprise Context 11.3 Establishing Least Privileg …
- Edition:
- 1st
- Publisher Details:
- Boca Raton : CRC Press
- Publication Date:
- 2020
- Extent:
- 1 online resource, illustrations (black and white)
- Subjects:
- 005.8
Computer networks -- Security measures
Industries -- Security measures
- Languages:
- English
- ISBNs:
- 9781000165258
9781000165173
9781000165210
9781003082118
- Related ISBNs:
- 9780367534073
- Notes:
- Note: Includes bibliographical references and index.
Note: Description based on CIP data; resource not viewed.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.696696
- Ingest File:
- 12_030.xml