

Digital Identity
Phillip J. Windley
O'Reilly Media, Paperback, Published August 2005, 234 pages, ISBN 0596008783
List Price: $34.95

The rise of network-based, automated services in the past decade has definitely changed the way businesses operate, but not always for the better. Offering services, conducting transactions and moving data on the Web opens new opportunities, but many CTOs and CIOs are more concerned with the risks. Like the rulers of medieval cities, they've adopted a siege mentality, building walls to keep the bad guys out. It makes for a secure perimeter, but hampers the flow of commerce.

Fortunately, some corporations are beginning to rethink how they provide security, so that interactions with customers, employees, partners, and suppliers will be richer and more flexible. Digital Identity explains how to go about it. This book details an important concept known as "identity management architecture" (IMA): a method to provide ample protection while giving good guys access to vital information and systems. In today's service-oriented economy, digital identity is everything. IMA is a coherent, enterprise-wide set of standards, policies, certifications and management activities that enable companies like yours to manage digital identity effectively--not just as a security check, but as a way to extend services and pinpoint the needs of customers.

Author Phil Windley likens IMA to good city planning. Cities define uses and design standards to ensure that buildings and city services are consistent and workable. Within that context, individual buildings--or system architectures--function as part of the overall plan. With Windley's experience as VP of product development for Excite@Home.com and CIO of Governor Michael Leavitt's administration in Utah, he provides a rich, real-world view of the concepts, issues, and technologies behind identity management architecture.

How does digital identity increase business opportunity? Windley's favorite example is the ATM machine. With ATMs, banks can now offer around-the-clock service, serve more customers simultaneously, and do it in a variety of new locations. This fascinating book shows CIOs, other IT professionals, product managers, and programmers how security planning can support business goals and opportunities, rather than holding them at bay.


Table of Contents

Foreword

Preface

1. Introduction
     Business Opportunity
     Digital Identity Matters
     Using Digital Identity
     The Business Context of Identity
     Foundational Technologies for Digital Identity
     Identity Management Architectures

2. Defining Digital Identity
     The Language of Digital Identity
     Identity Scenarios in the Physical World
     Identity, Security, and Privacy
     Digital Identity Perspectives
     Identity Powershifts
     Conclusion

3. Trust
     What Is Trust?
     Trust and Evidence
     Trust and Risk
     Reputation and Trust Communities
     Conclusion

4. Privacy and Identity
     Who's Afraid of RFID?
     Privacy Pragmatism
     Privacy Drivers
     Privacy Audits
     Privacy Policy Capitalism
     Anonymity and Pseudonymity
     Privacy Principles
     Prerequisites
     Conclusion

5. The Digital Identity Lifecycle
     Provisioning
     Propagating
     Using
     Maintaining
     Deprovisioning
     Conclusion

6. Integrity, Non-Repudiation, and Confidentiality
     Integrity
     Non-Repudiation
     Confidentiality
     Conclusion

7. Authentication
     Authentication and Trust
     Authentication Systems
     Authentication System Properties
     Conclusion

8. Access Control
     Policy First
     Authorization Patterns
     Abstract Authorization Architectures
     Digital Certificates and Access Control
     Conclusion

9. Names and Directories
     Utah.gov: Naming and Directories
     Naming
     Directories
     Aggregating Directory Information
     Conclusion

10. Digital Rights Management
     Digital Leakage
     The DRM Battle
     Apple iTunes: A Case Study in DRM
     Features of DRM
     DRM Reference Architecture
     Trusted Computing Platforms
     Specifying Rights
     Conclusion

11. Interoperability Standards
     Standards and the Digital Identity Lifecycle
     Integrity and Non-Repudiation: XML Signature
     Confidentiality: XML Encryption
     Authentication and Authorization Assertions
     Example SAML Use Cases
     Identity Provisioning
     Representing and Managing Authorization Policies
     Conclusion

12. Federating Identity
     Centralized Versus Federated Identity
     The Mirage of Centralized Efficiency
     Network Effects and Digital Identity Management
     Federation in the Credit Card Industry
     Benefits of Federated Identity
     Digital Identity Standards
     Three Federation Patterns
     Conclusion

13. An Architecture for Digital Identity
     Identity Management Architecture
     The Benefits of an Identity Management Architecture
     Success Factors
     Roadblocks
     Identity Management Architecture Components
     Conclusion

14. Governance and Business Modeling
     IMA Lifecycle
     IMA Governance Model
     Initial Steps
     Creating a Vision
     IMA Governing Roles
     Resources
     What to Outsource
     Understanding the Business Context
     Business Function Matrix
     IMA Principles
     Conclusion

15. Identity Maturity Models and Process Architectures
     Maturity Levels
     The Maturity Model
     The Right Steps at the Right Time
     Finding Identity Processes
     Evaluating Processes
     A Practical Action Plan
     Filling the Gaps with Best Practices
     Conclusion

16. Identity Data Architectures
     Build a Data Architecture
     Processes Link Identities
     Data Categorization
     Identity Data Structure and Metadata
     Exchanging Identity Data
     Principles for Identity Data
     Conclusion

17. Interoperability Frameworks for Identity
     Principles of a Good IF
     Contents of an Identity IF
     Example Interoperability Framework
     A Word of Warning
     Conclusion

18. Identity Policies
     The Policy Stack
     Attributes of a Good Identity Policy
     Determining Policy Needs
     Writing Identity Policies
     An Identity Policy Suite
     Assessing Identity Policies
     Enforcement
     Procedures
     Conclusion

19. Identity Management Reference Architectures
     Reference Architectures
     Benefits and Pitfalls
     Reference Architecture Best Practices
     Using a Reference Architecture
     Components of a Reference Architecture
     Technical Position Statements
     Consolidated Infrastructure Blueprint
     System Reference Architectures
     Conclusion

20. Building an Identity Management Architecture
     Scoping the Process
     Which Projects Are Enterprise Projects?
     Sequencing the IMA Effort
     A Piece at a Time
     Conclusion: Dispelling IMA Myths

Index


About the Author

Phillip J. Windley is an Associate Professor of Computer Science at Brigham Young University. Dr. Windley is a nationally recognized expert in using information technology (IT) to add value to the business. Windley received his PhD in Computer Science from the University of California, Davis in 1990. Prior to doing graduate studies, Windley worked for 4 years as a nuclear metallurgist and a member of the technical staff at the Department of Energy's Division of Naval Reactors.



