Ebook Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software
Ebook Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software
Currently, providing guides for you is sort of crucial point. It will certainly obviously aid you to discover guide quickly. When you actually require the book with the same subject, why do not you take Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software now as well as here? It will not be so challenging. It will be so very easy to see exactly how you wish to discover the book to read. The discussion of individuals who love this book to read is much better.
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software
Ebook Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software
Do you think that Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software is a great book? Yes, we think so, looking and also understanding that the writer of this book; we will definitely recognize that it is a great book to review each time. The writer of this book is popular in this subject. When somebody needs the referral from the subject, they will seek for the details as well as information from the books composed by this writer.
different view. Yeah, this publication overcomes a brand-new thing that will certainly not only inspire, but likewise enhance lesson and experience. Having this Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software, even as soft documents, will show that you have joint to be among the hundreds viewers on the planet. Yeah, you're one part of the excellent people that like this publication.
It likewise comes with the high quality of the writer to discuss the significance and also words for the readers. If you need to obtain the inspiring ways exactly how the book will certainly be required, you need to recognize specifically what to do. It relates to exactly how you make deals with the conditions of your demands. Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software is one that will lead you to achieve that thing. You can totally set the condition to earn far better.
It's no any kind of faults when others with their phone on their hand, as well as you're as well. The distinction might last on the material to open Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software When others open up the phone for chatting and talking all things, you could often open up and review the soft file of the Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software Naturally, it's unless your phone is readily available. You could likewise make or wait in your laptop computer or computer system that relieves you to check out Securing The Perimeter: Deploying Identity And Access Management With Free Open Source Software.
From the Back Cover
Leverage existing free open source software to build an identity and access management (IAM) platform that can serve your organization for the long term. With the emergence of open standards and open source software, it’s now easier than ever to build and operate your own IAM stack.The most common culprit of the largest hacks has been bad personal identification. In terms of bang for your buck, effective access control is the best investment you can make. Financially, it’s more valuable to prevent than to detect a security breach. That’s why Identity and Access Management (IAM) is a critical component of an organization’s security infrastructure. In the past, IAM software has been available only from large enterprise software vendors. Commercial IAM offerings are bundled as “suites†because IAM is not just one component. It’s a number of components working together, including web, authentication, authorization, cryptographic, and persistence services. Securing the Perimeter documents a recipe to take advantage of open standards to build an enterprise-class IAM service using free open source software. This recipe can be adapted to meet the needs of both small and large organizations. While not a comprehensive guide for every application, this book provides the key concepts and patterns to help administrators and developers leverage a central security infrastructure.Cloud IAM service providers would have you believe that managing an IAM is too hard. Anything unfamiliar is hard, but with the right road map, it can be mastered. You may find SaaS identity solutions too rigid or too expensive. Or perhaps you don’t like the idea of a third party holding the credentials of your users―the keys to your kingdom. Open source IAM provides an alternative. Take control of your IAM infrastructure if digital services are key to your organization’s success. What You’ll Learn:Understand why you should deploy a centralized authentication and policy management infrastructureUse the SAML or Open ID Standards for web or single sign-on, and OAuth for API Access ManagementSynchronize data from existing identity repositories such as Active DirectoryDeploy two-factor authentication services
Read more
About the Author
Michael Schwartz is a domain expert on digital authentication and centralized application security policy management. Since starting an ISP in 1995, he has been directly involved in network and application security. In 2009, he founded Gluu Inc, a security software development company that has created an IAM distribution based on free open source components. In addition to his participation in several identity standards, Mike is the co-chair of the OTTO working group at the Kantara Initiative, which is developing new standards for identity federation. Mike has worked with organizations in many sectors, including finance, government, education, and enterprise. A graduate of Washington University in St. Louis, he currently resides with his family in Austin, TX.Maciej Machulak is an expert in security, privacy and trust in the Cloud. He works on digital identity and security at HSBC. In the past, Maciej worked for various companies in the identity and access management space. He also founded and became the CEO of Cloud Identity Limited (acquired by Synergetics), a company that developed innovative security software based on proprietary and open source components. Maciej serves as the Vice-Chair of the User-Managed Access (UMA) Work Group at Kantara Initiative and is one of the authors of the award-winning UMA protocol and of two OAuth-related specifications used in Open Banking. In June 2015, Maciej was awarded the prestigious MIT Technology Review Innovators Under 35 Poland award for his work on privacy and security. Maciej is a PhD graduate from Newcastle University. Outside of work, he enjoys various outdoor activities and sports with his family.
Read more
Product details
Paperback: 396 pages
Publisher: Apress; 1st ed. edition (December 13, 2018)
Language: English
ISBN-10: 1484226003
ISBN-13: 978-1484226001
Product Dimensions:
7 x 0.9 x 10 inches
Shipping Weight: 1.5 pounds (View shipping rates and policies)
Average Customer Review:
5.0 out of 5 stars
4 customer reviews
Amazon Best Sellers Rank:
#312,726 in Books (See Top 100 in Books)
Mike Schwartz and Maciej Machulak have done an admirable job in creating a primer on identity management that can be used by both professionals who are new to the IAM field as well as those in other fields who just want to understand the IAM space better and/or to discern how IAM services interact with their own. The authors start with the most basic concepts of IAM and step the reader through to more complex subjects: LDAP to SAML to OAuth to OpenID Connect, etc.. Where this book differentiates itself from other works is its inclusion of Free Open Source Software (FOSS) that is available for each use case to allow the reader to build their own IAM systems to put the principles into practice. I also appreciate that the authors reached out to industry experts to review the more recent advances like FIDO, WebAuthN, and UMA. A great addition to any company’s library of material for new identity professionals.
This book is an excellent introduction to identity and access management (what Gartner refers to as IAM). Chapter 1 introduces the enduring notion of the PDP and PAP, which was developed by the pioneers of the Internet in the 1990 in the IETF. The chapter provides a brief introduction to the current standards in the IAM space (LDAP, SAML, OAuth, OpenID Connect, and UMA).Chapter 2 is devoted to LDAP (Lightweight Directory Access Protocol, RFC2251), which is the grand-daddy of what is called today Directory Services, first championed by Novell in the 1990s. If your company or organization is operating Windows Server (on-premise or in the cloud), then you are running a directory services product (namely Windows Active Directory). This chapter focuses on LDAP because LDAP is simple (compared to Active Directory) and sufficiently embodies the various concepts that will be built upon in later chapters. The chapter covers various aspects of LDAP that are relevant to the topic of identity management.Chapter 3 is devoted to the Security Assertions Markup Language (SAML). The SAML standard was the first to address the need for Web Single Sign-On (Web-SSO), notably when the end-user is connecting using only a Browser to a service provider, such as an online merchant. The SAML standard defines a number of constructs which are key to communicating the information or data regarding the individual (or organization) whose digital-identity is being assessed. The Chapter covers these in sufficient detail (e.g. Assertions, Query-Response Protocol, Bindings and use-case profiles such as the Web-SSO profile). Best of all, the chapter actually provides some “swim lane†diagrams that shows the protocol flows – something that is very relevant to developers who are seeking to understand better the SAML exchanges.With the emergence of mobile devices and social media platforms in the past decade, a new protocol called OAuth emerged that is today dominant in many of the new platforms. This is the subject of Chapter 4. Most of the popular developer APIs to access services offered by major social media platforms (e.g. Google, Facebook, Twitter, etc.) employ the OAuth 2.0 protocol and tokens in one form or another. The chapter discusses the entities in an OAuth 2.0 setup, OAuth 2.0 tokens, the various grant types and flows, and provides a good example of OAuth 2.0 in action using Google APIs.Developers who have played around with OAuth 2.0 realize that additional features are needed to make it more deployment-ready. The protocol that extends OAuth2.0 is the OpenID-Connect (OIDC) protocol, which is the subject of Chapter 5. This chapter is one of the nicest and easiest to read explanations of OpenID-Connect. It even discusses more recent additions to the protocol, such as Client Registration.Chapter 6 presents a discussion about proxy servers and proxying, which is something every developer needs to be aware of nowadays because it is a core part of the network topology of many (most) medium to large organizations.Chapter 7 provides an overview of One Time Passwords (OTP) as part of the need for strong authentication. The chapter provides useful background information about standards coming from the FIDO Alliance (an industry consortium focusing on strong authentication). Specifically, it presents a good high-level explanation of the FIDO Universal Authentication Framework (UAF).Chapter 8 discusses one of the major issues today with IAM systems and data privacy, namely consent by individuals for access to their data and files. The protocol that implements consent rules and the enforcement of these rules on the user’s data/files is the User Managed Access (UMA) architecture and protocol. The reader is advised to first read Chapter 4 and Chapter 5 before attempting to read Chapter 8. This chapter provides one of the more accessible material on the UMA protocol. These three chapters (4, 5 and 8) make this book worth every penny.Chapter 9 provides an overview of open source softwares/tools that helps deploy and manage IAM systems. The chapter provides an overview of the various tasks involved in identity management by an IT organization. Each of the open source tools are only briefly described, and the keen reader is encouraged to look up these tools.Chapter 10 addresses the issue of scaling up identity services, notably in the consumer space. The technical term used is Federation or Federated Identity Management. The main purpose of federation is for identity service providers (even competitors) to work together to provide a seamless single sign-on (SSO) login experience to users who need to be authenticated by a relying party (such as an online merchant). Ideally the user should need to login only once, regardless of the destination online merchant. However, since a user maybe registered at only one Identity Provider (which may not be directly associated with the online merchant), these identity providers need to federate with each other under a common legal trust framework and contract. Chapter 10 provides the reader with a very good introduction to the concepts and nuances of identity federation.All in all, this is a very good book for the reader who maybe new to the area of Identity and Access Management (IAM), or new to OAuth2.0 in the context of API access ti services. As mentioned before, the core value of this book is Chapters 4, 5 and 8. These chapters are well written by a seasoned practitioner, making the book accessible and unique among the books on identity management. Both authors are experts in the field, and have been actively involved in the IAM space for over a decade now.To give a balanced perspective, the only slightly negative aspect of the book is the use of the Gluu software for many of the examples. However, these code examples are very useful and necessary. As the primary developer of the Gluu software Mike Schwartz (first author) is very familiar with the code. As such, it makes sense for him to use his own code for illustrative examples throughout the book.
This authoritative book serves as a resource as well as a learning platform. The world of identity, and IAM, is confusing, esoteric, and rife with conflicting opinions and interpretations. Most identity professionals are self taught, even if you are an expert, you have gaps. This book covers everything from OAuth to MFA. How is your identity IQ? If you are in IT, security, privacy, or any related field, this is a must read to round out your knowledge. If you enjoy hands-on learning, take the journey to use the open source Guu software. This book has something for everyone.
This book is excellent for those starting in the IAM (Identity and Access Management) world. For professionals already established in the field it also serves as a valuable reference document because it surveys the key topics and technologies involved in IAM solutions.Throughout its chapters, it covers the theory of relevant applicable standards as well as practical open source solutions to deploy an IAM infrastructure in your organization.Interestingly, conceptual background is usually presented in its historical context which helps better understand the shape of the current IAM landscape. On the other hand, the extent to which the examples are driven is very generous. Readers will get a good tech insight out of them.
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software PDF
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software EPub
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software Doc
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software iBooks
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software rtf
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software Mobipocket
Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software Kindle
0 comments:
Post a Comment