This book is designed to familiarize CIOs, IT managers, and other IT professionals with the language, concepts, and technology of digital identity.
Chapter 1. Introduction
Section 1.1. Business Opportunity
Section 1.2. Digital Identity Matters
Section 1.3. Using Digital Identity
Section 1.4. The Business Context of Identity
Section 1.5. Foundational Technologies for Digital Identity
Section 1.6. Identity Management Architectures
Chapter 2. Defining Digital Identity
Section 2.1. The Language of Digital Identity
Section 2.2. Identity Scenarios in the Physical World
Section 2.3. Identity, Security, and Privacy
Section 2.4. Digital Identity Perspectives
Section 2.5. Identity Powershifts
Section 2.6. Conclusion
Chapter 3. Trust
Section 3.1. What Is Trust?
Section 3.2. Trust and Evidence
Section 3.3. Trust and Risk
Section 3.4. Reputation and Trust Communities
Section 3.5. Conclusion
Chapter 4. Privacy and Identity
Section 4.1. Who's Afraid of RFID?
Section 4.2. Privacy Pragmatism
Section 4.3. Privacy Drivers
Section 4.4. Privacy Audits
Section 4.5. Privacy Policy Capitalism
Section 4.6. Anonymity and Pseudonymity
Section 4.7. Privacy Principles
Section 4.8. Prerequisites
Section 4.9. Conclusion
Chapter 5. The Digital Identity Lifecycle
Section 5.1. Provisioning
Section 5.2. Propagating
Section 5.3. Using
Section 5.4. Maintaining
Section 5.5. Deprovisioning
Section 5.6. Conclusion
Chapter 6. Integrity, Non-Repudiation, and Confidentiality
Section 6.1. Integrity
Section 6.2. Non-Repudiation
Section 6.3. Confidentiality
Section 6.4. Conclusion
Chapter 7. Authentication
Section 7.1. Authentication and Trust
Section 7.2. Authentication Systems
Section 7.3. Authentication System Properties
Section 7.4. Conclusion
Chapter 8. Access Control
Section 8.1. Policy First
Section 8.2. Authorization Patterns
Section 8.3. Abstract Authorization Architectures
Section 8.4. Digital Certificates and Access Control
Section 8.5. Conclusion
Chapter 9. Names and Directories
Section 9.1. Utah.gov: Naming and Directories
Section 9.2. Naming
Section 9.3. Directories
Section 9.4. Aggregating Directory Information
Section 9.5. Conclusion
Chapter 10. Digital Rights Management
Section 10.1. Digital Leakage
Section 10.2. The DRM Battle
Section 10.3. Apple iTunes: A Case Study in DRM
Section 10.4. Features of DRM
Section 10.5. DRM Reference Architecture
Section 10.6. Trusted Computing Platforms
Section 10.7. Specifying Rights
Section 10.8. Conclusion
Chapter 11. Interoperability Standards
Section 11.1. Standards and the Digital Identity Lifecycle
Section 11.2. Integrity and Non-Repudiation: XML Signature
Section 11.3. Confidentiality: XML Encryption
Section 11.4. Authentication and Authorization Assertions
Section 11.5. Example SAML Use Cases
Section 11.6. Identity Provisioning
Section 11.7. Representing and Managing Authorization Policies
Section 11.8. Conclusion
Chapter 12. Federating Identity
Section 12.1. Centralized Versus Federated Identity
Section 12.2. The Mirage of Centralized Efficiency
Section 12.3. Network Effects and Digital Identity Management
Section 12.4. Federation in the Credit Card Industry
Section 12.5. Benefits of Federated Identity
Section 12.6. Digital Identity Standards
Section 12.7. Three Federation Patterns
Section 12.8. Conclusion
Chapter 13. An Architecture for Digital Identity
Section 13.1. Identity Management Architecture
Section 13.2. The Benefits of an Identity Management Architecture
Section 13.3. Success Factors
Section 13.4. Roadblocks
Section 13.5. Identity Management Architecture Components
Section 13.6. Conclusion
Chapter 14. Governance and Business Modeling
Section 14.1. IMA Lifecycle
Section 14.2. IMA Governance Model
Section 14.3. Initial Steps
Section 14.4. Creating a Vision
Section 14.5. IMA Governing Roles
Section 14.6. Resources
Section 14.7. What to Outsource
Section 14.8. Understanding the Business Context
Section 14.9. Business Function Matrix
Section 14.10. IMA Principles
Section 14.11. Conclusion
Chapter 15. Identity Maturity Models and Process Architectures
Section 15.1. Maturity Levels
Section 15.2. The Maturity Model
Section 15.3. The Rights Steps at the Right Time
Section 15.4. Finding Identity Processes
Section 15.5. Evaluating Processes
Section 15.6. A Practical Action Plan
Section 15.7. Filling the Gaps with Best Practices
Section 15.8. Conclusion
Chapter 16. Identity Data Architectures
Section 16.1. Build a Data Architecture
Section 16.2. Processes Link Identities
Section 16.3. Data Categorization
Section 16.4. Identity Data Structure and Metadata
Section 16.5. Exchanging Identity Data
Section 16.6. Principles for Identity Data
Section 16.7. Conclusion
Chapter 17. Interoperability Frameworks for Identity
Section 17.1. Principles of a Good IF
Section 17.2. Contents of an Identity IF
Section 17.3. Example Interoperability Framework
Section 17.4. A Word of Warning
Section 17.5. Conclusion
Chapter 18. Identity Policies
Section 18.1. The Policy Stack
Section 18.2. Attributes of a Good Identity Policy
Section 18.3. Determining Policy Needs
Section 18.4. Writing Identity Policies
Section 18.5. An Identity Policy Suite
Section 18.6. Assessing Identity Policies
Section 18.7. Enforcement
Section 18.8. Procedures
Section 18.9. Conclusion
Chapter 19. Identity Management Reference Architectures
Section 19.1. Reference Architectures
Section 19.2. Benefits and Pitfalls
Section 19.3. Reference Architecture Best Practices
Section 19.4. Using a Reference Architecture
Section 19.5. Components of a Reference Architecture
Section 19.6. Technical Position Statements
Section 19.7. Consolidated Infrastructure Blueprint
Section 19.8. System Reference Architectures
Section 19.9. Conclusion
Chapter 20. Building an Identity Management Architecture
Section 20.1. Scoping the Process
Section 20.2. Which Projects Are Enterprise Projects?
Section 20.3. Sequencing the IMA Effort
Section 20.4. A Piece at a Time
Section 20.5. Conclusion: Dispelling IMA Myths
The concepts in this book apply equally well to a wide variety of organizations. While this book primarily talks about digital identity in the context of business, the concepts are as applicable, and opportunities as great, for non-profit groups and government agencies. As I mentioned, my experiences cover the public and private sectors as well as large and small organizations. When I use the word "enterprise" in this book, I mean any business or organization, for-profit or not. The term can even apply to business units, provided their decisions about identity are relatively independent from other business units in the larger organization.
This book is not a book with code examples and recipes for building digital identity management systems. Even so, it is a technical book that explains the technology of digital identity in some detail. More importantly, the book puts the technology in context and shows how it can all be put to the task of managing digital identities inside your organization.
The book is divided into three sections. The first section is about the core concepts in digital identity, including privacy and trust. The second section discusses the technology of digital identity. The third section portrays in some detail a process, called an identity management architecture (IMA), that you can use to build a digital identity infrastructure in your organization, regardless of its size or structure. The information in the last section is prescriptive in nature. Because of my experiences, I have a clear philosophy on how to build an IMA. I present a rather detailed series of steps that show how to create an IMA and how to use it.