Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.

Prix Kindle : EUR 18,47

EUR 13,70 (43%)

TVA incluse

Ces promotions seront appliquées à cet article :

Certaines promotions sont cumulables avec d'autres offres promotionnelles, d'autres non. Pour en savoir plus, veuillez vous référer aux conditions générales de ces promotions.

Envoyer sur votre Kindle ou un autre appareil

Envoyer sur votre Kindle ou un autre appareil

Digital Identity: Unmasking Identity Management Architecture (IMA) par [Windley, Phillip J.]
Publicité sur l'appli Kindle

Digital Identity: Unmasking Identity Management Architecture (IMA) Format Kindle

Voir les 2 formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
EUR 18,47

Longueur : 254 pages Langue : Anglais

Description du produit

Présentation de l'éditeur

The rise of network-based, automated services in the past decade has definitely changed the way businesses operate, but not always for the better. Offering services, conducting transactions and moving data on the Web opens new opportunities, but many CTOs and CIOs are more concerned with the risks. Like the rulers of medieval cities, they've adopted a siege mentality, building walls to keep the bad guys out. It makes for a secure perimeter, but hampers the flow of commerce.

Fortunately, some corporations are beginning to rethink how they provide security, so that interactions with customers, employees, partners, and suppliers will be richer and more flexible. Digital Identity explains how to go about it. This book details an important concept known as "identity management architecture" (IMA): a method to provide ample protection while giving good guys access to vital information and systems. In today's service-oriented economy, digital identity is everything. IMA is a coherent, enterprise-wide set of standards, policies, certifications and management activities that enable companies like yours to manage digital identity effectively--not just as a security check, but as a way to extend services and pinpoint the needs of customers.

Author Phil Windley likens IMA to good city planning. Cities define uses and design standards to ensure that buildings and city services are consistent and workable. Within that context, individual buildings--or system architectures--function as part of the overall plan. With Windley's experience as VP of product development for and CIO of Governor Michael Leavitt's administration in Utah, he provides a rich, real-world view of the concepts, issues, and technologies behind identity management architecture.

How does digital identity increase business opportunity? Windley's favorite example is the ATM machine. With ATMs, banks can now offer around-the-clock service, serve more customers simultaneously, and do it in a variety of new locations. This fascinating book shows CIOs, other IT professionals, product managers, and programmers how security planning can support business goals and opportunities, rather than holding them at bay.

Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 1188 KB
  • Nombre de pages de l'édition imprimée : 256 pages
  • Utilisation simultanée de l'appareil : Illimité
  • Editeur : O'Reilly Media; Édition : 1 (1 août 2005)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B0026OR3DA
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Composition améliorée: Non activé
  • Moyenne des commentaires client : Soyez la première personne à écrire un commentaire sur cet article
  • Classement des meilleures ventes d'Amazon: n°913.654 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  • Voulez-vous nous parler de prix plus bas?

click to open popover

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoile

Commentaires client les plus utiles sur (beta) (Peut contenir des commentaires issus du programme Early Reviewer Rewards) 3.8 étoiles sur 5 15 commentaires
2 internautes sur 3 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 If you want to know IDM and do not know whwere to start! 4 mai 2006
Par -jim - Publié sur
Format: Broché Achat vérifié
One of the best coverings of the Identity Management space and I am sure that Phillip could have written several thousand more pages on the subject.

Excellent for any CXO that thinks there might be something to this Identity Management.

I wish all the CXO's I have worked with in the this space had read this book, it would sure save them and me a lot of time and them a lot of money wasted on "stop-gaps" that are sure to be dead-on-delivery projects.
2 internautes sur 3 ont trouvé ce commentaire utile 
2.0 étoiles sur 5 Confusing technology with delivery management 7 janvier 2010
Par Seetharama Rao V. Durbha - Publié sur
Format: Broché Achat vérifié
Though this book covers some basic issues surrounding identity management, the architecture part is very weak. What I felt is that the author is confusing delivery management with the technology itself. Major sections of the book (under the guise of governance) are devoted to people and expectation management and politics rather than technology. Majority of what is discussed is applicable universally to execution of any project in any decent sized organization. Not that this books has nothing to offer on IMA itself - but it is too generic and very little on actual technology.
0 internautes sur 1 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Excellent! Complete and easy to understand 15 novembre 2012
Par Mauricio Nunes - Publié sur
Format: Format Kindle Achat vérifié
The book presents all the characteristics, goals and challenges when we think on Identity Management.
I work in a IM project and this book made clear a lot of gaps I had in my knowledge. Also, it helped me to understand the real importance of a good identity management infrastructure for the organization as a whole, not only for IT.
4 internautes sur 4 ont trouvé ce commentaire utile 
2.0 étoiles sur 5 Incomplete, and lacks the practical side 4 juillet 2013
Par CeSinge - Publié sur
Format: Format Kindle
I selected this book based on an upcoming IAM project I'd be involved in, and on Amazon reader recommendations (overly positive, as it turns out). The book, written around 2003 is a bit outdated in some points, but this is not too much of an issue given its focus: governance, broad principles of identity management, high level theoretical guidelines of architecture. Sure, it is a good refresh of the high level governance principles that should guide identity management projects from a managerial perspective.

But the book clearly lacks substance when it comes to the practical implementation. While it is of some help during the planning phase of IM projects, it essentially stops where one wants to start. Conceptual approach, theoretical design, planning are one thing. Implementing is another, totally absent here. The book will not help in areas like dimensioning, practical issues and pitfalls, product evaluation, actual design and architecture, ROI, cost vs benefit and such. It is totally lacking any How To?

The book starts the traditional way: explaining what digital identity is. This is followed by about 8 chapters about the constituents of identity management, including authentication, trust, integrity, non-repudiation, and even digital rights management. Except for a very brief refresher, I think these have no place here and they should have been summarized in one single chapter. Other books treat this much better, and many readers will find this part to be a somewhat boring given it is background knowledge for any CISSP-level security person. The DRM chapter (Chapter 10), and some other parts in this area are even irrelevant, in my view.

This first part is followed by two chapters on (11) Interoperability Standards and (12) Federating Identity. Here again, the Interoperability Standards goes into unneeded technical details and misses the point. It is not giving the reader an understanding of the real issues: interoperability for what purpose? What are the issues? How can we go about them?

On the other hand, the Federating Identity chapter should probably be substantially expanded, as it is the meat of what identity management is about today. Three or four chapters should probably be devoted to this, and they should include practical examples of scenarios, architectures. It should be shown why identity federation is key, but again, the chapter does not go beyond very high-level and theoretical principles.

Finally, the book concludes with about eight chapters on architecture, governance, policies and such. While these give an idea of what is required in a well governed enterprise with an advanced maturity model, once again, these chapters lack real practical usability. In addition, this part is really not specific to identity management, but is rather a short summary of what has to be done in terms of governance, enterprise and reference architectures, and policy management.

Having read the book, I'm kind of disappointed. Facing a real project on identity management, the reader will surely think. Good, and now, what do we do? Possibly, it may make happy the high-level manager only seeking to understand what identity management is about, with no intention to get involved in the project.

This other reader, Prasad Reddy, summarizes it very well: "The book absolutely fails and falls short on explaining the identity management standards and technologies related to single sign-on, federation, provisioning and assurance. From a real-world IDMS deployment perspective the book is truly misleading !". Why so many gave it 4 or 5 stars is unclear. I'd hesitate between 2 and 3.

Useless, no, but I will still have to look out for something more useable in real life.
7 internautes sur 9 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Good introduction to IMA 16 novembre 2005
Par Ben Rothke - Publié sur
Format: Broché
Many people who review their credit report for the first time are shocked to learn how many identities are linked to them. Even when there is no problem of identity theft, it is not uncommon for people to have 10 or more names linked to their credit reports due to various errors, including permutation of their name.

Just as it is difficult to maintain and manage identities in the real world, it is difficult to maintain and manage digital identities. As the digital economy is becoming more ubiquitous, the need for a single federated identity is becoming more critical. In Digital Identity, Phillip Windley details the steps needed to develop an identity management architecture (IMA).

Identity management has become a pressing need in the past few years. This has come about because networks and systems are no longer geared around a single infrastructure, and businesses have become increasingly virtual and decentralized. In previous years, there were simply internal users. Today, systems have internal users, along with external users such as consultants, contractors, third-parties, customers, collaborators, and many more. Such requirements necessitate a well-designed and planned IMA.

So what is this thing called IMA? Windley defines an IMA as the coherent, enterprise-wide set of standards, policies, certifications, and management activities that enable an organization to effectively manage digital identities.

IMA is also known as federated identity. The book notes that the real challenge in developing a federated identity infrastructure is dealing with the various different hardware and software platforms where user accounts reside, and working with different organizations and departments, including the ever-increasing amount of outsourcing. When all of that is put together, a single federated identity is not easy to come by if there is not an IMA in place.

The beauty of an IMA is that it allows an organization to securely link and exchange identity information across partner, supplier, and customer organizations, while having a single architecture. This makes identity management seamless.

The first 11 chapters of Digital Identity do a good job of introducing the underlying concepts of an IMA, including security, trust, authentication, access control, and names and directories. Without an effective security infrastructure in place, any IMA deployed will not be fully effective.

One oddity, though, is that in Chapter 6, the author defines cryptography as the science of making the cost of discovery of hidden information greater than the value of the information itself. This is the author's own characterization of cryptography and while interesting, is not how it is used in mainstream security.

Chapter 12 starts to get into the internals of federated identities. This and the rest of the chapters do not deal with the deep technical details of an IMA, rather it shows how to design and deploy the IMA in a context of a corporate environment under a single set of policies and procedures. Windley emphasizes that an IMA is not so much a technical issue, but rather a business issue that must be deployed in a business context.

This idea of a business context is manifest in Chapter 18, which deals with identity policies. The book creates what it calls an IMA policy stack, which is the interoperability framework for the IMA. The stack includes all of the elements necessary for the IMA, and comprises an identity management architecture, framework, and set of standards. The standards include all protocols and applications, from SSL, XML, LDAP, DNS, and much more. The framework includes policy issues such as naming, passwords, encryption, provisioning, and more. Finally, the architecture details the specific high-level controls (procurement, contracts, licensing, etc.) around the IMA.

The book itself is worth it solely for the information in this chapter. Anyone attempting to deploy an IMA without first getting a handle on the issues details in Chapter 18 will find that their IMA will likely be seriously deficient.

The only negatives to the book are a few too many editing mistakes that should have been caught during the editing process. Also, the author frequently discusses his own trials and tribulations of using an IMA during his short stint as CIO of the State of Utah and with previous employers. Depending on the readers' specific tastes, some my find the heavy use of the first-person anecdotes to be a negative.

Overall, Digital Identity provides the reader with a good introduction to the various areas necessary to develop a productive identity management infrastructure. Anyone planning to deploy an IMA or any sort of federated identity solution in a corporate environment will find Digital Identity a valuable reference.
Ces commentaires ont-ils été utiles ? Dites-le-nous