Role-Based Access Control, Second Edition und über 1 Million weitere Bücher verfügbar für Amazon Kindle . Erfahren Sie mehr

Möchten Sie verkaufen? Hier verkaufen
Role-Based Access Control (Artech House Computer Security Series)
 
 
Für Kunden: Stellen Sie Ihre eigenen Bilder ein.
Eine andere Ausgabe dieses Buches durchsuchen
Beginnen Sie mit dem Lesen von Role-Based Access Control, Second Edition auf Ihrem Kindle in weniger als einer Minute.

Sie haben keinen Kindle? Hier kaufen oder eine gratis Kindle Lese-App herunterladen.

Role-Based Access Control (Artech House Computer Security Series) [Englisch] [Gebundene Ausgabe]

David F. Ferraiolo (Autor), D. Richard Kuhn (Autor), Ramaswamy Chandramouli (Autor)

Erhältlich bei diesen Anbietern.


Weitere Ausgaben

 Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 62,78   -- --
Gebundene Ausgabe --   -- --
Taschenbuch EUR 954,99   -- --

Produktinformation

Mehr über den Autor

David Ferraiolo
Entdecken Sie Bücher, lesen Sie über Autoren und mehr

Besuchen Sie die Seite von David Ferraiolo auf Amazon

Produktbeschreibungen

Kurzbeschreibung

Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of securing large networked and Web-based systems. This book offers professionals practical guidance on RBAC.

Synopsis

Securing networked and Web-based systems can be costly because these open and easy-to-access systems leave a myriad of unwanted openings for hackers and other intruders to break into. Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of securing large networked and Web-based systems. This volume covers the basic components of RBAC as well as deploying, supporting and administering RBAC.
In diesem Buch (Mehr dazu)
Nach einer anderen Ausgabe dieses Buches suchen.
Ausgewählte Seiten ansehen
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis
Hier reinlesen und suchen:

Tags

 (Was ist das?)
Bei einem Tag handelt es sich um ein Schlagwort, das zum Produkt passt.
Tags erleichtern allen Kunden die Suche und die Sortierung ihrer Lieblingsprodukte.
 
Beliebteste Tags anzeigen

Kundenrezensionen

Es gibt noch keine Kundenrezensionen auf Amazon.de
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
Amazon.com:  3 Rezensionen
21 von 23 Kunden fanden die folgende Rezension hilfreich
Most complete RBAC reference 11. Juli 2004
Von Mike Tarrani - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe
The three authors are leaders in RBAC research and development, making this book one of the most authoritative and complete references to RBAC.

Chapters 1 through 3 give a solid foundation for understanding RBAC and how it evolved, starting with an introduction, an exhaustive survey of access control methods needed to fully understand the evolution, and a solid and detailed overview of RBAC itself.

In the subsequent chapters each aspect of RBAC is covered in depth. Topics include role hierarchies, separation of duty policies, administration, integrating RBAC into existing infrastructures, and migration to RBAC. In addition, there are chapters on related topics that give this book wide scope - "Using RBAC to Implement Military Policies" shows how to implement multi-level security models with RBAC. This information uses military policies, but the material is also of interest to any commercial organization seeking tightly integrated access controls and a high security posture. The chapter on the proposed NIST RBAC standard also covers key items of interest, including Common Criteria RBAC protection profiles and other conformance issues. There are also chapters on RBAC research and prototypes, and commercial products.

While this book is well written and uses illustrations to impart key concepts, you will need to be conversant with set theory in order to get the most from it, as well as understand RBAC itself. If you are a bit rusty I recommend refreshing your skills before diving into this book.

If you want to explore RBAC and the work of each of the authors visit NIST Computer Security Division and Computer Security Research by pasting the ASIN, B0001O48Y4, into the search box, selecting all products and clicking GO. Once you are on the site you'll find the RBAC section under Security Research/Emerging Technologies->Authorization Management and Advanced Access Control Models (AM&AACM) link.

8 von 9 Kunden fanden die folgende Rezension hilfreich
Useful but difficult 19. August 2007
Von Rob van der Staaij - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe|Von Amazon bestätigter Kauf
Overall, this is a very comprehensive book that covers almost all aspects of RBAC.

What strikes me the most when reading this book, is the academic and theoretical nature of its contents. For example, the diagrams and especially the formulas, which are used to illustrate things, are likely difficult to grasp for a non-expert and will probably not elucidate the discussions in an average RBAC project. Since RBAC affects many different people in the organization, from business to IT, the subject should be presented as straightforward and simple as possible.

The book starts with a, useful, overview of access control. The different types, such as DAC `Discretionary Access Control' and MAC `Mandatory Access Control', are explained and compared with RBAC.
In one of the subsequent chapters the authors discuss how RBAC can be combined with other access control mechanisms. But the theoretical nature of the book is exemplified at the end of one of the discussions when it is stated that `To date, systems supporting both MAC and RBAC have not been produced, but the approaches discussed in this chapter show that such a system is possible.'

One of the most important chapters in my view is the one that deals with SOD `Segregation (or Separation) Of Duties'. SOD is an effective means to combat fraud.
Also useful, however brief, is the chapter, in which the authors discuss how RBAC can be used in regulatory compliance.

Throughout the book a number of frameworks, techniques and mechanisms are described how to integrate RBAC in real life environments. In the last chapter four arbitrarly chosen provisioning products (here called enterprise security administration products) are discussed, most of which, however, only offer moderate support for role modeling and RBAC administration. The products that do offer such support in a much better way, such as those from Bridgestream (now Oracle), Eurikify, BHOLD and Vaau (now Sun Microsystems), are surprisingly enough not mentioned at all.

What also is missing is a comparison of job functions and RBAC roles. Many people ask themselves how these relate to or differ from each other.

The examples, which are used, are almost exclusively from financial and health care organizations. Examples from government organizations as well as from educational institutes and production environments would have been helpful as well, since these kinds of organizations have their own unique RBAC requirements.

Rob van der Staaij
9 von 13 Kunden fanden die folgende Rezension hilfreich
Role base management process 14. Dezember 2006
Von I. Sh - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe
Hi

I am a consultant and analyst of role base projects and this book lays out the foundations of RBAC model.

i would like to add:

There are few ways to start a role base project. It depends on factors as # of users, # of systems , # of security Admins , budget, auditors, company needs and more.

Usually, companies are trying to approach this project, using the current resources and do this project manually, without any external consultancy or experience, best practices and methodologies

By taking the manual approach, you can generate few roles, usually, the basic enterprise roles or departmental roles, but then , you will find that you need to generate many other roles, by analyzing many users, resources , access rights and working and interviewing with many business managers, a process that can take 24-48 months for an organization with 10k users.

I have been managing 10-15 RBAC projects and involved in about 50 others, in USA & Europe, and I can share with you the high level best practices.

Cleansing

1. Mapping the company systems, and business model.

2. Set the RBAC targets - # of roles, workflows etc

3. Import current access rights and perform a mini cleansing project - 3-4 weeks

4. Doing role engineering on very polluted data, will product roles, but vary dirty roles.

5. It is better to spend few weeks on cleansing till you feel that you managed to clean the major faulty access rights

6. Use smart AUDIT tools to analyze your current access rights model and advice you what access rights are suspected

7. Use compliance and policy check tools (Segregation of duty etc) to perform the cleansing

8. Use a workflow for Access-Rights Certification - (example Eurekify/Sage)

Role Engineering:

Use tools that can help you creating roles by analyzing your current access right. There are few tools in the market as Eurekify/Sage.

Run all the techniques that this tool provide and analyze the results.

Use a tool that has a built in workflow for Role Approval

Audit your roles and make sure that the roles are normalized

highly recommended to use automated solutions to audit your roles

Build compliance rules to validate the roles.

and more..

Role Management

Ensure that you will be able to modify and alter the roles easily

build or use a solution that will help you to manage and maintain the roles

keep in mind that roles are dynamic and will change

Role certification / re -certification

Make sure that you have a workflow to certify / recertify roles

record and archive all the changes

Build reports that will help you to manage and control your roles and results.

Hope it helps

Best Regards

Ilan Sharoni

Director - Eurekify

Kunden diskutieren

Das Forum zu diesem Produkt
Diskussion Antworten Jüngster Beitrag
Noch keine Diskussionen

Fragen stellen, Meinungen austauschen, Einblicke gewinnen
Neue Diskussion starten
Thema:
Erster Beitrag:
Eingabe des Log-ins
 


Aktive Diskussionen in ähnlichen Foren
Kundendiskussionen durchsuchen
Alle Amazon-Diskussionen durchsuchen
   
Ähnliche Foren

Lieblingslisten

Legen Sie Ihre eigene Lieblingsliste an

Ähnliche Artikel finden

Anhand des Sachgebietes nach ähnlichen Produkten suchen:























Das bedeutet, jeder Titel/Artikel muss zu Sachgebiet 1 UND zu Sachgebiet 2 UND... gehören.

Ihr Kommentar

Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?