Role-based access control
David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli
Résumé
Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of security administration for large networked applications. RBAC simplifies security administration by using roles, hierarchies, and constraints to organize privileges. This book explains these components of RBAC, as well as how to support and administer RBAC in a networked environment and how to integrate it with existing infrastructure.
Because role hierarchies and role engineering are crucial to RBAC, you learn how to effectively implement them to ensure total access control. Specialized topics covered in detail include separation of duties, combining RBAC with military security models, and recent efforts toward standardization. This book also guides you through the various RBAC products available on the market and along the migration path to deploying RBAC for enterprise-wide security.
Contents
- Introduction
- Access Control Policy, Models and Mechanisms - Concepts and Examples
- Core RBAC Features
- Role Hierarchies
- Separation of Duty Policies and Constraints in RBAC Systems
- RBAC, MAC and DAC
- NIST's Proposed RBAC Standard
- Role-Based Administration of RBAC
- Enterprise Access Control Frameworks Using RBAC and XML Technologies
- Integrating RBAC with Enterprise IT Infrastructures
- Migrating to RBAC - Case Study : Multiline Insurance Company
- RBAC Features in Commercial Products
- Appendices
- About the Authors
- Index
L'auteur - David F. Ferraiolo
David Ferraiolo is a supervisory computer scientist in the Systems and Networks Security Group at the National Institute of Standards and Technology (NIST), Gaithersburg, MD. In addition to managing three access control and security management projects, he is leading research to improve operational assurance, security authentication, intrusion detection, and authorization.
L'auteur - D. Richard Kuhn
D. Richard Kuhn is a computer scientist in the Computer Security Division of NIST. His primary technical interests are information security and software testing and assurance.
L'auteur - Ramaswamy Chandramouli
Ramaswamy Chandramouli is a computer scientist in the
Computer Security Division of NIST. He has more than 17
years experience in design and development of IT solutions
in industry and government, and coauthored the first
international security protection profile for RBAC. His
current work focuses on automated security testing tools,
and he is coauthor of NIST's proposed RBAC standard.
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Artech House |
| Auteur(s) | David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli |
| Parution | 30/05/2003 |
| Nb. de pages | 332 |
| Format | 18 x 23,5 |
| Couverture | Relié |
| Poids | 775g |
| Intérieur | Noir et Blanc |
| EAN13 | 9781580533706 |
| ISBN13 | 978-1-58053-370-6 |
Avantages Eyrolles.com
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
