User identification and authentication are essential parts of information security. Users must authenticate as they access their computer systems at work or at home every day. Yet do users understand how and why they are actually being authenticated, the security level of the authentication mechanism that they are using, and the potential impacts of selecting one authentication mechanism or another?
Introducing key concepts, Mechanics of User Identification and Authentication: Fundamentals of Identity Management outlines the process of controlled access to resources through authentication, authorization, and accounting in an in-depth, yet accessible manner. It examines today's security landscape and the specific threats to user authentication. The book then outlines the process of controlled access to resources and discusses the types of user credentials that can be presented as proof of identity prior to accessing a computer system. It also contains an overview on cryptography that includes the essential approaches and terms required for understanding how user authentication works.
This book provides specific information on the user authentication process for both UNIX and Windows. Addressing more advanced applications and services, the author presents common security models such as GSSAPI and discusses authentication architecture. Each method is illustrated with a specific authentication scenario.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Consultant, Buckinghamshire, UKReview:
By the authors providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. ... [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. ... What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. ... Coupled with good illustrations and detailed explanations[,] this is a great resource...
- E-Streams, Vol. 7, No. 9, September 2004
This is a must-have book for those preparing for the CISSP exam and for any information security professional.
- Zentralblatt MATH 1054, May 2005
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.