Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Identity Management: Concepts, Technologies, and Systems", Elisa Bertino/Kenji Takahashi

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Han
    BKIMCTAS.RVW 20110326 Identity Management: Concepts, Technologies, and Systems , Elisa Bertino/Kenji Takahashi, 2011, 978-1-60807-039-8 %A Elisa Bertino
    Message 1 of 1 , Feb 15, 2012
    • 0 Attachment
      BKIMCTAS.RVW 20110326

      "Identity Management: Concepts, Technologies, and Systems", Elisa
      Bertino/Kenji Takahashi, 2011, 978-1-60807-039-8
      %A Elisa Bertino
      %A Kenji Takahashi
      %C 685 Canton St., Norwood, MA 02062
      %D 2011
      %G 978-1-60807-039-8 1-60807-039-5
      %I Artech House/Horizon
      %O 800-225-9977 fax: +1-617-769-6334 artech@...
      %O http://www.amazon.com/exec/obidos/ASIN/1608070395/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/1608070395/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/1608070395/robsladesin03-20
      %O Audience i- Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 196 p.
      %T "Identity Management: Concepts, Technologies, and Systems"

      Chapter one, the introduction, is a review of general identity related
      issues. The definition of identity management, in chapter two, is
      thorough and detailed, covering the broad range of different types and
      uses of identities, the various loci of control, the identity
      lifecycle (in depth), and a very effective technical definition of
      privacy. (The transactional attribute is perhaps defined too
      narrowly, as it could relate to non-commercial activities.)
      "Fundamental technologies and processes" addresses credentials, PKI
      (Public Key Infrastructure), single sign-on, Kerberos, privacy, and
      anonymous systems in chapter three. The level of detail varies: most
      of the material is specific with limited examples, while attribute
      federation is handled quite abstractly. Chapter four turns to
      standards and systems, reviewing SAML (Security Assertion Markup
      Language), Web Services Framework, OpenID, Information Card-Based
      Identity Management (IC-IDM), interoperability, other prototypes,
      examples, and projects, with an odd digression into the fundamental
      confidentiality, integrity, and availability concepts. Challenges are
      noted in chapter five, briefly examining usability, access control,
      privacy, trust management, interoperability (from the human, rather
      than machine, perspective, particularly expectations, experience, and
      jargon), and finally biometrics.

      This book raises a number of important questions, and mentions many
      new areas of work and development. For experienced security
      professionals needing to move into this area as a new field, it can
      serve as an introduction to the topics which need to be discussed.
      Those looking for assistance with an identity management project will
      probably need to look elsewhere.

      copyright, Robert M. Slade 2011 BKIMCTAS.RVW 20110326


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      If you believe everything you read, you better not read.
      victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
      http://blogs.securiteam.com/index.php/archives/author/p1/
      http://twitter.com/rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.