CORBA Security - Robert Blakley

CORBA Security

An Introduction to Safe Computing with Objects

(Author)

Book | Softcover
160 pages
1999
Addison Wesley (publisher)
978-0-201-32565-2 (ISBN)
CHF 49,25 incl. VAT
  • Title is unfortunately out of print;
    no new edition
As OO programming continues to grow, so do the security issues that surround it. This is an introduction to the security procedures that must be adopted to ensure that any application is both robust and secure.
The CORBAsecurity specification adopted by the Object Management Group (OMG) represents a major step forward in making object technology suitable for business application development. The specification document, however, is long, detailed, and complex; it is a time-consuming task for software developers to make their way through it, and it is inaccessible to CIOs and other technical managers who need to understand object security and its impact on their organizations. CORBA Security provides a readable and less technical overview of the specification and a guide to the security of object systems. Written from a policy point of view, the book will help you decide what security policies are appropriate for your organization and evaluate the object-based security options that can help you manage those policies. For those unfamiliar with basic security and object technology concepts, clear introductions to these topics will bring you up to speed. The book also provides a list of questions you can ask your secure object system vendor, questions that will get behind the jargon and acronyms and give you the information you need to determine just how safe the product really is.
Readers will get an in-depth look at each element of computer security and how the CORBAsecurity specification fulfills each of these security needs. Topics covered include identification, authentication, and privilege; access control; message protection; delegation and proxy problems; auditing; and non-repudiation. The author also provides numerous real-world examples of how secure object systems can be used to enforce useful security policies.

Bob Blakley is Chief Scientist at DASCOM and, before joining DASCOM, was IBM's Lead Security Architect. He was the principal designer of IBM's proposal to the OMG for an Object-Oriented Security Service, and he co-edited the CORBAsecurity standard adopted by the OMG in 1996. Bob is a frequent speaker at software industry and software security conferences such as the RSA Conference, Networld+Interop, GUIDE, the Burton Group Catalyst Conference, the Open Systems Security Symposium, and the Mergent Users' Conference. He has written or co-authored seven papers on cryptography, secret-sharing schemes, access control, and other aspects of computer security, and he holds eight patents on security-related technologies.

1. Objects and Security.
  What Are Objects?
  How Do Objects Send Messages?
  What Is Security?
  Protection.
  Authorization.
  Accountability.
  Availability.
  Assurance.

2. Object Security.
  Special Object Security Requirements.
  Naming.
  Scale.
  Encapsulation.
  An Overview of the CORBA Security Model.

3. Policy.
  Protection and Policy.
  Subjects.
  Objects.
  Actions.
  Access Control Policy.
  Message Protection Policy.
  Audit Policy.
  Non-Repudiation Policy.

4. Identification, Authentication, and Privilege.
  Subjects.
  Authentication and Credentials.
  Contexts.

5. Access Control.
  Managing Access Control Policy.
  The Problem of Scale.
  Controlling Access Control Policy Scale.
  Privilege Attributes Are Groups of Subjects.
  Domains Are Groups of Objects.
  Required Rights Are Groups of Actions.
  Enforcing Access Control Policy.
  The accessDecision Procedure.
  Combining Policies to Make Access Decisions.

6. Message Protection.
  Managing Message Protection Policy.
  Quality of Protection.
  Defining Message Protection Policy.
  Enforcing Message Protection Policy.

7. Delegation.
  The Secure Proxy Problem.
  Managing Delegation Policy.
  Enforcing Delegation Policy.

8. Security Auditing.
  Managing Audit Policy.
  Event Generation Policy.
  Enforcing Audit Policy.
  Audit Decisions.
  Audit Channels.

9. Non-Repudiation.
  Disputes, Evidence, and the Burden of Proof.
  Disputes.
  Non-Repudiation Evidence.
  Non-Repudiation Policies.
  Managing Non-Repudiation Policy.
  Enforcing Non-Repudiation Policy.
  Non-Repudiation Credentials.
  Generating Non-Repudiation Evidence.
  Arbitrating Disputes Using Non-Repudiation Evidence.
  Examples of Disputes.
  Non-Repudiation Service Structures.

10. Questions to Ask Your Secure Object System Vendor.

Suggested Reading.

Glossary.

Index.

Publication date (per publisher): 12.11.1999
Place of publication: Boston
Language: English
Dimensions: 186 x 233 mm
Weight: 329 g
Subject areas: Computer Science > Software Development > Object Orientation; Computer Science > Theory / Studies > Cryptology
ISBN-10: 0-201-32565-9 / 0201325659
ISBN-13: 978-0-201-32565-2 / 9780201325652
Condition: New