O’Reilly Verlag

• 
  • Weitere Informationen zu diesem Buch:

    Inhaltsverzeichnis | Index | Probekapitel | Kolophon | Rezensionen |
    

	

Foreword 
Preface 
1. Introduction

      Business Opportunity 

      Digital Identity Matters 

      Using Digital Identity 

      The Business Context of Identity 

      Foundational Technologies for Digital Identity 

      Identity Management Architectures 
2. Defining Digital Identity

      The Language of Digital Identity 

      Identity Scenarios in the Physical World 

      Identity, Security, and Privacy 

      Digital Identity Perspectives 

      Identity Powershifts 

      Conclusion 
3. Trust

      What Is Trust? 

      Trust and Evidence 

      Trust and Risk 

      Reputation and Trust Communities 

      Conclusion 
4. Privacy and Identity

      Who's Afraid of RFID? 

      Privacy Pragmatism 

      Privacy Drivers 

      Privacy Audits 

      Privacy Policy Capitalism 

      Anonymity and Pseudonymity 

      Privacy Principles 

      Prerequisites 

      Conclusion 
5. The Digital Identity Lifecycle

      Provisioning 

      Propagating 

      Using 

      Maintaining 

      Deprovisioning 

      Conclusion 
6. Integrity, Non-Repudiation, and Confidentiality

      Integrity 

      Non-Repudiation 

      Confidentiality 

      Conclusion 
7. Authentication

      Authentication and Trust 

      Authentication Systems 

      Authentication System Properties 

      Conclusion 
8. Access Control

      Policy First 

      Authorization Patterns 

      Abstract Authorization Architectures 

      Digital Certificates and Access Control 

      Conclusion 
9. Names and Directories

      Utah.gov: Naming and Directories 

      Naming 

      Directories 

      Aggregating Directory Information 

      Conclusion 
10. Digital Rights Management

      Digital Leakage 

      The DRM Battle 

      Apple iTunes: A Case Study in DRM 

      Features of DRM 

      DRM Reference Architecture 

      Trusted Computing Platforms 

      Specifying Rights 

      Conclusion 
11. Interoperability Standards

      Standards and the Digital Identity Lifecycle 

      Integrity and Non-Repudiation: XML Signature 

      Confidentiality: XML Encryption 

      Authentication and Authorization Assertions 

      Example SAML Use Cases 

      Identity Provisioning 

      Representing and Managing Authorization Policies 

      Conclusion 
12. Federating Identity

      Centralized Versus Federated Identity 

      The Mirage of Centralized Efficiency 

      Network Effects and Digital Identity Management 

      Federation in the Credit Card Industry 

      Benefits of Federated Identity 

      Digital Identity Standards 

      Three Federation Patterns 

      Conclusion 
13. An Architecture for Digital Identity

      Identity Management Architecture 

      The Benefits of an Identity Management Architecture 

      Success Factors 

      Roadblocks 

      Identity Management Architecture Components 

      Conclusion 
14. Governance and Business Modeling

      IMA Lifecycle 

      IMA Governance Model 

      Initial Steps 

      Creating a Vision 

      IMA Governing Roles 

      Resources 

      What to Outsource 

      Understanding the Business Context 

      Business Function Matrix 

      IMA Principles 

      Conclusion 
15. Identity Maturity Models and Process Architectures

      Maturity Levels 

      The Maturity Model 

      The Rights Steps at the Right Time 

      Finding Identity Processes 

      Evaluating Processes 

      A Practical Action Plan 

      Filling the Gaps with Best Practices 

      Conclusion 
16. Identity Data Architectures

      Build a Data Architecture 

      Processes Link Identities 

      Data Categorization 

      Identity Data Structure and Metadata 

      Exchanging Identity Data 

      Principles for Identity Data 

      Conclusion 
17. Interoperability Frameworks for Identity

      Principles of a Good IF 

      Contents of an Identity IF 

      Example Interoperability Framework 

      A Word of Warning 

      Conclusion 
18. Identity Policies

      The Policy Stack 

      Attributes of a Good Identity Policy 

      Determining Policy Needs 

      Writing Identity Policies 

      An Identity Policy Suite 

      Assessing Identity Policies 

      Enforcement 

      Procedures 

      Conclusion 
19. Identity Management Reference Architectures

      Reference Architectures 

      Benefits and Pitfalls 

      Reference Architecture Best Practices 

      Using a Reference Architecture 

      Components of a Reference Architecture 

      Technical Position Statements 

      Consolidated Infrastructure Blueprint 

      System Reference Architectures 

      Conclusion 
20. Building an Identity Management Architecture

      Scoping the Process 

      Which Projects Are Enterprise Projects? 

      Sequencing the IMA Effort 

      A Piece at a Time 

      Conclusion: Dispelling IMA Myths 
Index