Book description
The rise of network-based, automated services in the past decade has definitely changed the way businesses operate, but not always for the better. Offering services, conducting transactions and moving data on the Web opens new opportunities, but many CTOs and CIOs are more concerned with the risks. Like the rulers of medieval cities, they've adopted a siege mentality, building walls to keep the bad guys out. It makes for a secure perimeter, but hampers the flow of commerce.
Fortunately, some corporations are beginning to rethink how they provide security, so that interactions with customers, employees, partners, and suppliers will be richer and more flexible. Digital Identity explains how to go about it. This book details an important concept known as "identity management architecture" (IMA): a method to provide ample protection while giving good guys access to vital information and systems. In today's service-oriented economy, digital identity is everything. IMA is a coherent, enterprise-wide set of standards, policies, certifications and management activities that enable companies like yours to manage digital identity effectively--not just as a security check, but as a way to extend services and pinpoint the needs of customers.
Author Phil Windley likens IMA to good city planning. Cities define uses and design standards to ensure that buildings and city services are consistent and workable. Within that context, individual buildings--or system architectures--function as part of the overall plan. With Windley's experience as VP of product development for Excite@Home.com and CIO of Governor Michael Leavitt's administration in Utah, he provides a rich, real-world view of the concepts, issues, and technologies behind identity management architecture.
How does digital identity increase business opportunity? Windley's favorite example is the ATM machine. With ATMs, banks can now offer around-the-clock service, serve more customers simultaneously, and do it in a variety of new locations. This fascinating book shows CIOs, other IT professionals, product managers, and programmers how security planning can support business goals and opportunities, rather than holding them at bay.
Publisher resources
Table of contents
-
Digital Identity
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
- Foreword
- Preface
- 1. Introduction
- 2. Defining Digital Identity
- 3. Trust
- 4. Privacy and Identity
- 5. The Digital Identity Lifecycle
-
6. Integrity, Non-Repudiation, and Confidentiality
- 6.1. Integrity
- 6.2. Non-Repudiation
- 6.3. Confidentiality
- 6.4. Conclusion
- 7. Authentication
- 8. Access Control
- 9. Names and Directories
- 10. Digital Rights Management
-
11. Interoperability Standards
- 11.1. Standards and the Digital Identity Lifecycle
- 11.2. Integrity and Non-Repudiation: XML Signature
- 11.3. Confidentiality: XML Encryption
- 11.4. Authentication and Authorization Assertions
- 11.5. Example SAML Use Cases
- 11.6. Identity Provisioning
- 11.7. Representing and Managing Authorization Policies
- 11.8. Conclusion
-
12. Federating Identity
- 12.1. Centralized Versus Federated Identity
- 12.2. The Mirage of Centralized Efficiency
- 12.3. Network Effects and Digital Identity Management
- 12.4. Federation in the Credit Card Industry
- 12.5. Benefits of Federated Identity
- 12.6. Digital Identity Standards
- 12.7. Three Federation Patterns
- 12.8. Conclusion
- 13. An Architecture for Digital Identity
- 14. Governance and Business Modeling
- 15. Identity Maturity Models and Process Architectures
- 16. Identity Data Architectures
- 17. Interoperability Frameworks for Identity
- 18. Identity Policies
-
19. Identity Management Reference Architectures
- 19.1. Reference Architectures
- 19.2. Benefits and Pitfalls
- 19.3. Reference Architecture Best Practices
- 19.4. Using a Reference Architecture
- 19.5. Components of a Reference Architecture
- 19.6. Technical Position Statements
- 19.7. Consolidated Infrastructure Blueprint
- 19.8. System Reference Architectures
- 19.9. Conclusion
- 20. Building an Identity Management Architecture
- Index
- About the Author
- Colophon
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
Product information
- Title: Digital Identity
- Author(s):
- Release date: August 2005
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9780596553944
You might also like
book
Learning Digital Identity
Why is it difficult for so many companies to get digital identity right? If you're still …
book
Identity Management with Biometrics
Work with common biometrics such as face, fingerprint, and iris recognition for business and personal use …
book
Self-Sovereign Identity
In a world of changing privacy regulations, identity theft, and online anonymity, identity is a precious …
book
Computer Security Art and Science, 2nd Edition
The Comprehensive Guide to Computer Security, Extensively Revised with Newer Technologies, Methods, Ideas, and Examples In …