libcats.org
Role-Based Access Control, Second Edition

Overall, this is a very comprehensive book that covers almost all aspects of RBAC.



What strikes me the most when reading this book is the academic and theoretical nature of its contents. For example, the diagrams and especially the formulas, which are used to illustrate things, are likely difficult to grasp for a non-expert and will probably not elucidate the discussions in an average RBAC project. Since RBAC affects many different people in the organization, from business to IT, the subject should be presented as straightforwardly and simply as possible.



The book starts with a useful overview of access control. The different types, such as DAC (Discretionary Access Control) and MAC (Mandatory Access Control), are explained and compared with RBAC.

In one of the subsequent chapters the authors discuss how RBAC can be combined with other access control mechanisms. But the theoretical nature of the book is exemplified at the end of one of the discussions when it is stated that "To date, systems supporting both MAC and RBAC have not been produced, but the approaches discussed in this chapter show that such a system is possible."



One of the most important chapters in my view is the one that deals with SOD (Segregation, or Separation, of Duties). SOD is an effective means to combat fraud.
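As an added illustration of what a separation-of-duty chapter has to cover (this is not code from the book or the reviewer), the model below implements the core RBAC elements together with the two SOD flavours found in the NIST RBAC standard: a static constraint, which stops a user from ever being assigned a conflicting pair of roles, and a dynamic constraint, which lets a user hold both roles but refuses to activate them in the same session. The purchase-to-pay roles, users and permissions are constructed sample data for the example.

```python
"""Minimal RBAC model with static (SSD) and dynamic (DSD) separation-of-duty constraints.

Added example, not part of the reviewed book. A constraint is a pair (roles, n):
SSD forbids a user holding n or more of the roles, DSD forbids one session having
n or more of them active at once. Role and permission names below are constructed.
"""
from dataclasses import dataclass, field


class SoDViolation(Exception):
    """Raised when an assignment or activation would break a separation-of-duty rule."""


@dataclass
class RBAC:
    role_perms: dict = field(default_factory=dict)   # role -> set of permissions
    user_roles: dict = field(default_factory=dict)   # user -> set of assigned roles
    ssd: list = field(default_factory=list)          # [(frozenset(roles), n)] static SoD
    dsd: list = field(default_factory=list)          # [(frozenset(roles), n)] dynamic SoD
    sessions: dict = field(default_factory=dict)     # session id -> (user, active roles)

    def add_role(self, role, perms):
        self.role_perms[role] = set(perms)

    def add_ssd(self, roles, n=2):
        self.ssd.append((frozenset(roles), n))

    def add_dsd(self, roles, n=2):
        self.dsd.append((frozenset(roles), n))

    @staticmethod
    def _violates(held, constraints):
        # A constraint (roles, n) is broken when n or more of its roles are in `held`.
        return any(len(held & roles) >= n for roles, n in constraints)

    def can_assign(self, user, role):
        """Static SoD: would the user's role set still satisfy every SSD rule?"""
        return not self._violates(self.user_roles.get(user, set()) | {role}, self.ssd)

    def assign(self, user, role):
        if role not in self.role_perms:
            raise KeyError(f"unknown role {role!r}")
        if not self.can_assign(user, role):
            raise SoDViolation(f"{user} may not hold {role} alongside current roles")
        self.user_roles.setdefault(user, set()).add(role)

    def open_session(self, session, user):
        self.sessions[session] = (user, set())

    def can_activate(self, session, role):
        """Dynamic SoD: role must be assigned to the session's user and not conflict
        with the roles already active in this session."""
        user, active = self.sessions[session]
        if role not in self.user_roles.get(user, set()):
            return False
        return not self._violates(active | {role}, self.dsd)

    def activate(self, session, role):
        if not self.can_activate(session, role):
            raise SoDViolation(f"{role} cannot be activated in session {session}")
        self.sessions[session][1].add(role)

    def check_access(self, session, perm):
        """A permission is granted only through a role active in this session."""
        _, active = self.sessions[session]
        return any(perm in self.role_perms[r] for r in active)


def build_purchasing_model():
    """Constructed sample: raising and approving a purchase order are statically
    separated; receiving goods and paying the invoice are only dynamically separated,
    so one person may hold both roles but never use both in the same session."""
    m = RBAC()
    m.add_role("requester", {"po.create"})
    m.add_role("approver", {"po.approve"})
    m.add_role("receiver", {"goods.receive"})
    m.add_role("payer", {"invoice.pay"})
    m.add_ssd({"requester", "approver"})
    m.add_dsd({"receiver", "payer"})
    return m


if __name__ == "__main__":
    m = build_purchasing_model()
    m.assign("alice", "requester")
    print("alice -> approver allowed?", m.can_assign("alice", "approver"))  # False
    m.assign("bob", "receiver")
    m.assign("bob", "payer")
    m.open_session("s1", "bob")
    m.activate("s1", "receiver")
    print("bob may also pay in s1?", m.can_activate("s1", "payer"))        # False
    m.open_session("s2", "bob")
    m.activate("s2", "payer")
    print("bob pays in s2:", m.check_access("s2", "invoice.pay"))           # True
```

The point the example makes is that the static rule is enforced at administration time (the conflicting assignment never exists, so no audit of live sessions is needed), whereas the dynamic rule is enforced at run time and therefore needs session state; a project that only records role assignments cannot implement the second kind.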

Also useful, however brief, is the chapter in which the authors discuss how RBAC can be used in regulatory compliance.



Throughout the book a number of frameworks, techniques and mechanisms are described for integrating RBAC in real-life environments. In the last chapter four arbitrarily chosen provisioning products (here called enterprise security administration products) are discussed, most of which, however, only offer moderate support for role modeling and RBAC administration. The products that do offer such support in a much better way, such as those from Bridgestream (now Oracle), Eurekify, BHOLD and Vaau (now Sun Microsystems), are surprisingly enough not mentioned at all.



What is also missing is a comparison of job functions and RBAC roles. Many people ask themselves how these relate to or differ from each other.



The examples used are almost exclusively from financial and health care organizations. Examples from government organizations as well as from educational institutes and production environments would have been helpful as well, since these kinds of organizations have their own unique RBAC requirements.



Rob van der Staaij
