• Title Identity Management on a Shoestring
• Author(s) Ganesh Prasad, Umesh Rajbhandari
• Publisher: InfoQ (Mar 19, 2012)
• Hardcover N/A
• eBook PDF, 152 pages, 3.0 MB
• Language: English
• ISBN-10: N/A
• ISBN-13: 987-1105558634
• Share This:  

Book Description

This document is aimed at Security and IT practitioners (especially architects) in end-user organisations who are responsible for implementing an enterprise-wide Identity and Access Management (IAM) system. It is neither a conceptual treatment of Identity (for which we would refer the reader to Kim Cameron's excellent work on the Laws of Identity) nor a detailed technical manual on a particular product. It describes a pragmatic and cost-effective architectural approach to implementing IAM within an organisation, based on the experience of the authors.

Our background and experience are largely with Java-based technologies, so Java shops would probably be best positioned to benefit from our suggestions, but we are sure these general principles can be suitably adapted to other technology platforms. As with any piece of unsolicited advice, the usual caveats apply. No guarantees or warranties are provided or implied. The reader is expected to apply commonsense and sound design judgement when developing a solution based on this approach.

• Ganesh Prasad has been an architect in the Shared Services space for many years and has convinced himself that his brand of pedantry is in fact a long-term and enterprise-wide perspective. He provides nuisance value to project teams that just want to get the job done.
• Umesh Rajbhandari is a Java / Web developer who likes to keep abreast of the latest technologies. He has worked in Singapore and Nepal, and is currently based in Sydney.

• Amazon

• Computer and Information Security
• Web Programming

• Identity Management on a Shoestring (Ganesh Prasad, et al.)
• The Mirror Site (1) - PDF

• Security as Code: DevSecOps Patterns with AWS (BK Das, et al.)

  It demonstrates how to use this methodology to secure any application and infrastructure you want to deploy. You'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.

• Security of Ubiquitous Computing Systems (Gildas Avoine, et al)

  It is to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework that lies along four axes: cryptographic models, cryptanalysis of building blocks, security engineering, and security assessment.

• Building Secure and Reliable Systems: Best Practices

  Security is crucial to the design and operation of scalable systems in production. Experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.

• Security Concepts (Subspacefield)

  This is a book about computer, network, technical, physical, information and cryptographic security, illustrated with interesting and entertaining examples. It is not intended to be an introductory text, although a beginner could gain something from it.

• Rational Cybersecurity for Business (Daniel Blum)

  This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience.

• Security Engineering: Building Dependable Distributed Systems

  It makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice, offers a lot of thoughts on how information can be made more secure by both technologies and strategies.

• Web Application Security: Exploitation and Countermeasures

  This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. It introduces three pillars of web application security: recon, offense, and defense.

• Handbook of Digital Face Manipulation and Detection

  This open access book provides the first comprehensive collection of studies dealing with the hot topic of digital face manipulation such as DeepFakes, Face Morphing, or Reenactment. It combines the both biometrics and media forensics fields.

• Demystifying Internet of Things Security (Sunil Cheruvu, et al)

  This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. It provides clarity to industry professionals and provides and overview of different security solutions.

• Next-Generation Firewalls For Dummies (Palo Alto Networks)

  This book will show you how to rethink your security strategy to counter and block even the most sophisticated attacks, help you understand what firewalls are, how they operate on different types of networks, what they can and can't do, and how to pick a good one.

• Advances in Security in Computing and Communications

  This book presents some of the state-of-the-art research work in the field of cryptography and security in computing and communications. It covers cryptography, network security, and security and privacy issues in the Internet of Things (IoT).

• Cryptography and Computer Security (Chris Bourke, et al)

  This book introduces the basic concepts in computer networks and the latest trends and technologies in cryptography and network security. The book is a definitive guide to the principles and techniques of cryptography and network security.

• Beautiful Security: Leading Security Experts Explain How They Think

  This book features a collection of essays and insightful analyses by leaders who have found unusual solutions for writing secure code, designing secure applications, addressing modern challenges such as wireless security, and much more.