| | |  | General | Home » » » Mechanics of User Identification and Authentication: Fundamentals of Identity Management | | | | | | | Description: | | User identification and authentication are essential parts of information security. Users must authenticate as they access their computer systems at work or at home every day. Yet do users understand how and why they are actually being authenticated, the security level of the authentication mechanism that they are using, and the potential impacts of selecting one authentication mechanism or another?
Introducing key concepts, Mechanics of User Identification and Authentication: Fundamentals of Identity Management outlines the process of controlled access to resources through authentication, authorization, and accounting in an in-depth, yet accessible manner. It examines today's security landscape and the specific threats to user authentication. The book then outlines the process of controlled access to resources and discusses the types of user credentials that can be presented as proof of identity prior to accessing a computer system. It also contains an overview on cryptography that includes the essential approaches and terms required for understanding how user authentication works.
This book provides specific information on the user authentication process for both UNIX and Windows. Addressing more advanced applications and services, the author presents common security models such as GSSAPI and discusses authentication architecture. Each method is illustrated with a specific authentication scenario. | | | Product Details: | | | Author:
| Dobromir Todorov | | Hardcover:
| 760 pages | | Publisher:
| Auerbach Publications | | Publication Date:
| June 18, 2007 | | Language:
| English | | ISBN:
| 1420052195 | | Package Length:
| 9.4 inches | | Package Width:
| 6.2 inches | | Package Height:
| 1.8 inches | | Package Weight:
| 2.6 pounds | | Average Customer Rating:
|  based on 5 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
Technology Layer Approach to AuthenticationApr 20, 2010
I apply Enterprize Architecture techniques to my work and in short this considers the interlinking importance of business, information, applications, and technology in any analysis. Mechanics of User Identication and Authentication is firmly in the technology layer with some overlap in the application layer. It includes considerable depth in this area not only based on its 726 page count but also in the considerable detail provided and therefore provides a high degree of value for the dollar. If you are looking for one identity management technical reference book then you should consider this one. However if you are looking for an introductory book in identity management then this book is not for you. It offers separate chapters on UNIX and Windows and subsequent chapters drill into considerable detail into other authentication and related protocols. I do not have the knowledge to comment on the technical accuracy of this book but it will be the first one I reach for as my identity management project proceeds.
3 of 4 found the following review helpful:
 Security professional? Read this book!Mar 18, 2008
If you are a practicing security professional, buy this book! Todorov has spent a lot of time in the lab working through how our authentication technologies work and offers clear descriptions and sage advice on how they actually work and should be used in practice.
This is not a rehash of vendor documentation and RFCs but a real look "under the covers" at a core capability our security infrastructure must support.
It's probably not a book you'll read from cover to cover as it's too detailed. But I would strongly encourage you to read the indtroductory material and then dip into the chapters dealing with the particular methods you use (or are thinking about using) in your own work.
Then place the book on your shelf as a ready reference when you need a well-organized reference to a particular technology.
2 of 3 found the following review helpful:
Mechanics of User Identification and Authentication Fundamentals of Identity ManagementJan 09, 2008
The book "Mechanics of User Identification and Authentication Fundamentals of Identity Management" Provides a good baseline and framework for any junior security expert and can also improve the knowledgebase of regular IT person.
Although the information in this book doesn't provide the "latest news" - In the technology field, the current news usually can be considered as an old news.
So the conclusion is simple: Start from the basis and move forward.
After obtaining a good baseline, learning a new information will be more
easier.
I hope that the new edition of this book will be published with a Paperback so the book price will be dropped and from my point of view,
it's more easier to learn from a Paperback books.
2 of 3 found the following review helpful:
Finally some has presented the fundamentalsDec 13, 2007
Recommended for all Administrators and Designers of IT Infrastructures!!!
I must say this book is well worth the read and for me has taken its place on the bookshelf along side other bibles of Networking (Routing TCP/IP v1 and v2 - Jeff Doyle). As a forgotten area of many Infrastructures - where most people look simply to vendor recommendations, without fully understanding what it is they are implementing (or recommending to others)- finally someone has written a book that explores the mechanics of the many different authentication methods available on the market today. Whether it be UNIX, Windows, TACACS+, RADIUS or SSL, now I have one place to look for the technical details.
1 of 8 found the following review helpful:
 Out of Date InformationDec 06, 2007
In spite of its recent publication, much of the detailed Windows security information in this volume is seriously out of date. The versions of the OS described in this book are Win 2K and Server 2K3. There were *major* security enhancements in both XP SP2 and Windows Vista that invalidate much of what the author says in this book.
| | |
|
