1st Edition
Mechanics of User Identification and Authentication Fundamentals of Identity Management
By Dobromir Todorov
Copyright 2007
754 Pages
164 B/W Illustrations
by
Auerbach Publications
760 Pages
by
Auerbach Publications
Also available as eBook on:
User identification and authentication are essential parts of information security. Users must authenticate as they access their computer systems at work or at home every day. Yet do users understand how and why they are actually being authenticated, the security level of the authentication mechanism that they are using, and the potential impacts of selecting one authentication mechanism or... Read more
USER IDENTIFICATION AND AUTHENTICATION CONCEPTS
Security Landscape
Authentication, Authorization, and Accounting
Threats to User Identification and Authentication Rainbow Attacks
Authentication Credentials
Enterprise User Identification and Authentication Challenges
Authenticating Access to Services and the Infrastructure
Delegation and Impersonation
Cryptology, Cryptography, and Cryptanalysis
UNIX USER AUTHENTICATION ARCHITECTURE
Users and Groups
Simple User Credential Stores
Name Services Switch (NSS)
Pluggable Authentication Modules (PAM)
The UNIX Authentication Process
User Impersonation
Case Study: User Authentication Against LDAP
Case Study: Using Hesiod for User Authentication in Linux
WINDOWS USER AUTHENTICATION ARCHITECTURE
Security Principals
Stand-Alone Authentication
Windows Domain Authentication
Federated Trusts
Impersonation
AUTHENTICATING ACCESS TO SERVICES AND APPLICATIONS
Security Programming Interfaces
Authentication Protocols
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Telnet Authentication
HTTP Authentication
POP3/IMAP Authentication
SMTP Authentication
SSH Authentication
Sun RPC Authentication
SMB/CIFS Authentication
NFS Authentication
Microsoft Remote Procedure Calls
MS SQL Authentication
Oracle Database Server Authentication
Oracle Legacy Authentication Database
MS Exchange MAPI Authentication
SAML, WS-Security, and Federated Identity
AUTHENTICATING ACCESS TO THE INFRASTRUCTURE
User Authentication on Cisco Routers and Switches
Authenticating Remote Access to the Infrastructure
Port-Based Access Control
Authenticating Access to the Wireless Infrastructure
IPSec, IKE, and VPN Client Authentication
Centralized User Authentication
APPENDICES
References
Lab Configuration
Indices of Tables and Figures
Security Landscape
Authentication, Authorization, and Accounting
Threats to User Identification and Authentication Rainbow Attacks
Authentication Credentials
Enterprise User Identification and Authentication Challenges
Authenticating Access to Services and the Infrastructure
Delegation and Impersonation
Cryptology, Cryptography, and Cryptanalysis
UNIX USER AUTHENTICATION ARCHITECTURE
Users and Groups
Simple User Credential Stores
Name Services Switch (NSS)
Pluggable Authentication Modules (PAM)
The UNIX Authentication Process
User Impersonation
Case Study: User Authentication Against LDAP
Case Study: Using Hesiod for User Authentication in Linux
WINDOWS USER AUTHENTICATION ARCHITECTURE
Security Principals
Stand-Alone Authentication
Windows Domain Authentication
Federated Trusts
Impersonation
AUTHENTICATING ACCESS TO SERVICES AND APPLICATIONS
Security Programming Interfaces
Authentication Protocols
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Telnet Authentication
HTTP Authentication
POP3/IMAP Authentication
SMTP Authentication
SSH Authentication
Sun RPC Authentication
SMB/CIFS Authentication
NFS Authentication
Microsoft Remote Procedure Calls
MS SQL Authentication
Oracle Database Server Authentication
Oracle Legacy Authentication Database
MS Exchange MAPI Authentication
SAML, WS-Security, and Federated Identity
AUTHENTICATING ACCESS TO THE INFRASTRUCTURE
User Authentication on Cisco Routers and Switches
Authenticating Remote Access to the Infrastructure
Port-Based Access Control
Authenticating Access to the Wireless Infrastructure
IPSec, IKE, and VPN Client Authentication
Centralized User Authentication
APPENDICES
References
Lab Configuration
Indices of Tables and Figures
Biography
Dobromir Todorov
"By the authors providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. … [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. … What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. … Coupled with good illustrations and detailed explanations[,] this is a great resource…"
- E-Streams, Vol. 7, No. 9, September 2004
"This is a must-have book for those preparing for the CISSP exam and for any information security professional."
- Zentralblatt MATH 1054, May 2005
