Mechanics of User Identification and Authentication

Fundamentals of Identity Management, 1st Edition

By Dobromir Todorov

Auerbach Publications

760 pages | 164 B/W Illus.

Purchasing Options: $ = USD
Hardback: 9781420052190
pub: 2007-06-18
$115.00
eBook (VitalSource): 9780429133138
pub: 2007-06-18
from $28.98



Description

User identification and authentication are essential parts of information security. Users must authenticate as they access their computer systems at work or at home every day. Yet do users understand how and why they are actually being authenticated, the security level of the authentication mechanism that they are using, and the potential impacts of selecting one authentication mechanism or another?

Introducing key concepts, Mechanics of User Identification and Authentication: Fundamentals of Identity Management outlines the process of controlled access to resources through authentication, authorization, and accounting in an in-depth, yet accessible manner. It examines today's security landscape and the specific threats to user authentication. The book then outlines the process of controlled access to resources and discusses the types of user credentials that can be presented as proof of identity prior to accessing a computer system. It also contains an overview of cryptography that includes the essential approaches and terms required for understanding how user authentication works.

This book provides specific information on the user authentication process for both UNIX and Windows. Addressing more advanced applications and services, the author presents common security models such as GSSAPI and discusses authentication architecture. Each method is illustrated with a specific authentication scenario.

Reviews

"By the authors providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. … [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. … What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. … Coupled with good illustrations and detailed explanations[,] this is a great resource…"

- E-Streams, Vol. 7, No. 9, September 2004

"This is a must-have book for those preparing for the CISSP exam and for any information security professional."

- Zentralblatt MATH 1054, May 2005

Table of Contents

USER IDENTIFICATION AND AUTHENTICATION CONCEPTS

Security Landscape

Authentication, Authorization, and Accounting

Threats to User Identification and Authentication Rainbow Attacks

Authentication Credentials

Enterprise User Identification and Authentication Challenges

Authenticating Access to Services and the Infrastructure

Delegation and Impersonation

Cryptology, Cryptography, and Cryptanalysis

UNIX USER AUTHENTICATION ARCHITECTURE

Users and Groups

Simple User Credential Stores

Name Services Switch (NSS)

Pluggable Authentication Modules (PAM)

The UNIX Authentication Process

User Impersonation

Case Study: User Authentication Against LDAP

Case Study: Using Hesiod for User Authentication in Linux

WINDOWS USER AUTHENTICATION ARCHITECTURE

Security Principals

Stand-Alone Authentication

Windows Domain Authentication

Federated Trusts

Impersonation

AUTHENTICATING ACCESS TO SERVICES AND APPLICATIONS

Security Programming Interfaces

Authentication Protocols

Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

Telnet Authentication

HTTP Authentication

POP3/IMAP Authentication

SMTP Authentication

SSH Authentication

Sun RPC Authentication

SMB/CIFS Authentication

NFS Authentication

Microsoft Remote Procedure Calls

MS SQL Authentication

Oracle Database Server Authentication

Oracle Legacy Authentication Database

MS Exchange MAPI Authentication

SAML, WS-Security, and Federated Identity

AUTHENTICATING ACCESS TO THE INFRASTRUCTURE

User Authentication on Cisco Routers and Switches

Authenticating Remote Access to the Infrastructure

Port-Based Access Control

Authenticating Access to the Wireless Infrastructure

IPSec, IKE, and VPN Client Authentication

Centralized User Authentication

APPENDICES

References

Lab Configuration

Indices of Tables and Figures

Subject Categories

BISAC Subject Codes/Headings:
BUS073000
BUSINESS & ECONOMICS / Commerce
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General