Role Engineering for Enterprise Security Management
Product Description
Whether you are a manager, engineer, or IT security specialist, this authoritative resource shows you how to define and deploy roles for securing enterprise systems. Written by leading authorities in the field, the book explains how you can build a business case, identify risks, determine project costs, and fully plan and staff a role engineering effort. You find practical techniques that meaningfully define roles and ensure proper assignment of permissions and roles to users.
The book presents tools that enable you to capture permissions and user assignments from existing systems, and analyze user and permission data in scenarios simulating actual system use. Moreover, this practical reference helps you evaluate these tools and decide which ones are right for your own role engineering program. The book also shows how to verify that role structures comply with security policies. You find tips and insights from real-world projects that guarantee you engineer roles strategically and securely.
About the Author
Edward J. Coyne is a senior security engineer at Science Applications International Corporation in Vienna, Virginia. Among his many professional activities, he is a member of Health Level 7’s Security and CCOW Technical committees, chair of the Role-Based Access Control Task Group of the International Committee for Information Technology Standards, and a senior member of the IEEE. He earned a Ph.D. degree in theoretical linguistics from Georgetown University and an M.A. in linguistics from the American University.
John M. Davis is a security architect for the US Department of Veterans Affairs in Encintas, California. He is a voting member of the International Committee for Information Technology Standards and co-chairs both Health Level 7’s Security Technical Committee and Privilege Management Infrastructure Subcommittee for the ASTM Committee E31 on Healthcare Informatics. He holds an M.S. in physics and electronics engineering.
0 comments:
Post a Comment