ABSTRACT

Enterprise Level Security: Securing Information Systems in an Uncertain World provides a modern alternative to the fortress approach to security. The new approach is more distributed and has no need for passwords or accounts. Global attacks become much more difficult, and losses are localized, should they occur. The security approach is derived fro

chapter 1|28 pages

- Introduction

part |2 pages

SECTION I - BASICS AND PHILOSOPHY

chapter 2|6 pages

- Identity

chapter 3|8 pages

- Attributes

chapter 4|10 pages

- Access and Privilege

chapter 5|20 pages

- Cryptography

chapter 6|12 pages

- The Cloud

chapter 7|6 pages

- The Network

part |2 pages

SECTION II - TECHNICAL DETAILS

chapter 8|10 pages

- Claims-Based Authentication

chapter 9|12 pages

- Credentials for Access Claims

chapter 10|12 pages

- Claims Creation

chapter 11|14 pages

- Invoking an Application

chapter 12|14 pages

- Cascading Authorization

chapter 13|12 pages

- Federation

chapter 14|14 pages

- Content Access Control

chapter 15|8 pages

- Delegation

chapter 16|16 pages

- The Enterprise Attribute Ecosystem

chapter 17|34 pages

- Database Access

chapter 18|18 pages

- Building Enterprise Software

chapter 19|16 pages

- Vulnerability Analyses

chapter 20|28 pages

- An Enterprise Support Desk

chapter 21|32 pages

- Network Defense

chapter 22|4 pages

- Concluding Remarks