Access Control and Identity Management
Author: Mike ChappleOVERVIEW
Access control protects resources against unauthorized viewing, tampering, or destruction. These systems serve as a primary means of ensuring privacy, confidentiality, and prevention of unauthorized disclosure. Revised and updated with the latest data from this fast-paced field, Access Control and Identity Management, Third Edition defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs. Focusing on Identity and Security Management, this new edition looks at the risks, threats, and vulnerabilities prevalent in information systems and IT infrastructures and how to handle them. This valuable resource provides both students and professional with details and procedures on implementing access control systems as well as managing and testing those systems.
Features and Benefits
- Examples depicting the risks associated with a missing unencrypted laptop containing private data
- New Case Study on Biometrics
- New sections on the Federal Information Security Management Act (FISMA) concerning US compliance
- Restructured organization of topics to better align with both the subject matter and student learning
- Updated references, examples, and screenshots of Software
- New information on Risk Adaptive Access Control (RAdAC)
TABLE OF CONTENTS
- Part 1 The Need For Access Control Systems
- Chapter 1 Access Control Framework
- Chapter 2 Business Drivers for Access Control
- Chapter 3 Human Nature and Organizational Behavior
- Chapter 4 Assessing Risk and Its Impact on Access Control
- Part 2 Implementic Access Control Systems
- Chapter 5 Access Control in the Enterprise
- Chapter 6 Mapping Business Challenges to Access Control Types
- Chapter 7 Access Control System Implementations
- Chapter 8 Access Control for Information Systems
- Chapter 9 Physical Security and Access Control
- Chapter 10 Access Control Solutions for Remote Workers
- Part 3 Managing and Testing Access Control Systems
- Chapter 11 Public Key Infrastructure and Encryption
- Chapter 12 Testing Access Control Systems
- Chapter 13 Access Control Assurance
- Chapter 14 Access Control Laws, Policies, and Standards
- Chapter 15 Security Breaches and the Law
