Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
Digital Identity
Foreword Preface
Who Should Read This Book Conventions Used in This Book Comments and Questions Safari Enabled Acknowledgments
1. Introduction
1.1. Business Opportunity 1.2. Digital Identity Matters 1.3. Using Digital Identity 1.4. The Business Context of Identity 1.5. Foundational Technologies for Digital Identity 1.6. Identity Management Architectures
2. Defining Digital Identity
2.1. The Language of Digital Identity 2.2. Identity Scenarios in the Physical World 2.3. Identity, Security, and Privacy 2.4. Digital Identity Perspectives 2.5. Identity Powershifts 2.6. Conclusion
3. Trust
3.1. What Is Trust? 3.2. Trust and Evidence 3.3. Trust and Risk 3.4. Reputation and Trust Communities 3.5. Conclusion
4. Privacy and Identity
4.1. Who's Afraid of RFID? 4.2. Privacy Pragmatism 4.3. Privacy Drivers 4.4. Privacy Audits 4.5. Privacy Policy Capitalism 4.6. Anonymity and Pseudonymity 4.7. Privacy Principles 4.8. Prerequisites 4.9. Conclusion
5. The Digital Identity Lifecycle
5.1. Provisioning 5.2. Propagating 5.3. Using 5.4. Maintaining 5.5. Deprovisioning 5.6. Conclusion
6. Integrity, Non-Repudiation, and Confidentiality
6.1. Integrity 6.2. Non-Repudiation 6.3. Confidentiality
6.3.1. Cryptography
6.3.1.1. Secret keys 6.3.1.2. Public key cryptography 6.3.1.3. Hybrid key systems 6.3.1.4. Public key cryptosystem algorithms
6.3.2. Message Digests and Hashes 6.3.3. Digital Signatures 6.3.4. Digital Certificates 6.3.5. Certificate Authorities 6.3.6. Certificate Revocations Lists 6.3.7. Public-Key Infrastructures 6.3.8. Going Further
6.4. Conclusion
7. Authentication
7.1. Authentication and Trust 7.2. Authentication Systems
7.2.1. Cookies 7.2.2. ID and Password
7.2.2.1. Password management 7.2.2.2. Password reset
7.2.3. Challenge-Response Systems 7.2.4. Digital Certificates 7.2.5. Biometric Devices 7.2.6. Smart Cards
7.3. Authentication System Properties
7.3.1. Practicality 7.3.2. Appropriate Level of Security 7.3.3. Locational Transparency 7.3.4. Protocol Insensitivity 7.3.5. Appropriate Level of Privacy 7.3.6. Reliability 7.3.7. Auditability 7.3.8. Manageability 7.3.9. Federation Support
7.4. Conclusion
8. Access Control
8.1. Policy First
8.1.1. Responsibility 8.1.2. Principle of Least Privilege 8.1.3. Accountability Scales Better than Enforcement
8.2. Authorization Patterns
8.2.1. Mandatory and Discretionary Access Control 8.2.2. User-Based Permission Systems 8.2.3. Access-Control Lists 8.2.4. Role-Based Access Control
8.3. Abstract Authorization Architectures 8.4. Digital Certificates and Access Control 8.5. Conclusion
9. Names and Directories
9.1. Utah.gov: Naming and Directories 9.2. Naming
9.2.1. Namespaces 9.2.2. Uniform Resource Indicators: A Universal Namespace 9.2.3. Cool URIs Don't Change
9.3. Directories
9.3.1. Directories Are Not Databases 9.3.2. An Example Directory 9.3.3. Enterprise Directory Services
9.3.3.1. Domain Name System 9.3.3.2. RMIRegistry 9.3.3.3. X.500: heavyweight directory services 9.3.3.4. LDAP
9.4. Aggregating Directory Information
9.4.1. Metadirectories 9.4.2. Virtual Directories
9.5. Conclusion
10. Digital Rights Management
10.1. Digital Leakage 10.2. The DRM Battle 10.3. Apple iTunes: A Case Study in DRM 10.4. Features of DRM 10.5. DRM Reference Architecture 10.6. Trusted Computing Platforms 10.7. Specifying Rights
10.7.1. XrML
10.8. Conclusion
11. Interoperability Standards
11.1. Standards and the Digital Identity Lifecycle 11.2. Integrity and Non-Repudiation: XML Signature 11.3. Confidentiality: XML Encryption 11.4. Authentication and Authorization Assertions 11.5. Example SAML Use Cases 11.6. Identity Provisioning
11.6.1. SPML Requests and Responses
11.7. Representing and Managing Authorization Policies 11.8. Conclusion
12. Federating Identity
12.1. Centralized Versus Federated Identity 12.2. The Mirage of Centralized Efficiency 12.3. Network Effects and Digital Identity Management 12.4. Federation in the Credit Card Industry 12.5. Benefits of Federated Identity 12.6. Digital Identity Standards
12.6.1. Microsoft, IBM, and the WS-* Roadmap 12.6.2. OASIS 12.6.3. Liberty Alliance 12.6.4. Internet2 and Shibboleth 12.6.5. The Future of Federation Standards
12.7. Three Federation Patterns
12.7.1. Pattern 1: Ad Hoc Federation 12.7.2. Pattern 2: Hub-and-Spoke Federation
12.7.2.1. Bank of America: a cautionary tale
12.7.3. Scenario 3: Identity Network 12.7.4. Addressing the Problem of Trust 12.7.5. A Secure, Protected Environment 12.7.6. The Future of Federated Identity Networks
12.8. Conclusion
13. An Architecture for Digital Identity
13.1. Identity Management Architecture 13.2. The Benefits of an Identity Management Architecture 13.3. Success Factors 13.4. Roadblocks 13.5. Identity Management Architecture Components 13.6. Conclusion
14. Governance and Business Modeling
14.1. IMA Lifecycle 14.2. IMA Governance Model 14.3. Initial Steps 14.4. Creating a Vision 14.5. IMA Governing Roles
14.5.1. Primary Roles 14.5.2. Supporting Roles
14.6. Resources 14.7. What to Outsource 14.8. Understanding the Business Context 14.9. Business Function Matrix
14.9.1. Creating the Business Function Matrix
14.10. IMA Principles 14.11. Conclusion
15. Identity Maturity Models and Process Architectures
15.1. Maturity Levels 15.2. The Maturity Model
15.2.1. Level 1: Ad Hoc 15.2.2. Level 2: Focused 15.2.3. Level 3: Standardized 15.2.4. Level 4: Integrated
15.3. The Rights Steps at the Right Time 15.4. Finding Identity Processes 15.5. Evaluating Processes 15.6. A Practical Action Plan 15.7. Filling the Gaps with Best Practices 15.8. Conclusion
16. Identity Data Architectures
16.1. Build a Data Architecture
16.1.1. Processes Trump Data
16.2. Processes Link Identities
16.2.1. Employee Provisioning 16.2.2. The Identity Data Inventory
16.3. Data Categorization
16.3.1. Identity Data Audit 16.3.2. Identity Mapping 16.3.3. Process-to-Identity Matrix
16.4. Identity Data Structure and Metadata 16.5. Exchanging Identity Data 16.6. Principles for Identity Data 16.7. Conclusion
17. Interoperability Frameworks for Identity
17.1. Principles of a Good IF 17.2. Contents of an Identity IF
17.2.1. Standard Status 17.2.2. Listing Standards
17.3. Example Interoperability Framework 17.4. A Word of Warning 17.5. Conclusion
18. Identity Policies
18.1. The Policy Stack 18.2. Attributes of a Good Identity Policy 18.3. Determining Policy Needs
18.3.1. Business Inspired Projects and Processes 18.3.2. Security Considerations 18.3.3. Meeting External Requirements 18.3.4. Feedback on Existing Policies
18.4. Writing Identity Policies
18.4.1. Policy Outline
18.5. An Identity Policy Suite
18.5.1. Naming and Certificates 18.5.2. Passwords 18.5.3. Encryption and Digital Signatures 18.5.4. Directories 18.5.5. Privacy 18.5.6. Authentication 18.5.7. Access Control 18.5.8. Provisioning 18.5.9. Federation 18.5.10. The Policy Review Framework
18.6. Assessing Identity Policies 18.7. Enforcement 18.8. Procedures 18.9. Conclusion
19. Identity Management Reference Architectures
19.1. Reference Architectures 19.2. Benefits and Pitfalls 19.3. Reference Architecture Best Practices 19.4. Using a Reference Architecture 19.5. Components of a Reference Architecture 19.6. Technical Position Statements
19.6.1. Making Decisions About Technical Positions
19.7. Consolidated Infrastructure Blueprint
19.7.1. Goal State CIBs
19.8. System Reference Architectures 19.9. Conclusion
20. Building an Identity Management Architecture
20.1. Scoping the Process 20.2. Which Projects Are Enterprise Projects? 20.3. Sequencing the IMA Effort 20.4. A Piece at a Time 20.5. Conclusion: Dispelling IMA Myths
Colophon
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion