{"product_id":"enterprise-level-security-2-9780367532963","title":"Enterprise Level Security 2","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cstrong\u003e\u003cem\u003eEnterprise Level Security 2: Advanced Topics in an Uncertain World\u003c\/em\u003e\u003c\/strong\u003e follows on from the authorsâ first book on Enterprise Level Security (ELS), which covered the basic concepts of ELS and the discoveries made during the first eight years of its development. This book follows on from this to give a discussion of advanced topics and solutions, derived from 16 years of research, pilots, and operational trials in putting an enterprise system together. The chapters cover specific advanced topics derived from painful mistakes and numerous revisions of processes. This book covers many of the topics omitted from the first book including multi-factor authentication, cloud key management, enterprise change management, entity veracity, homomorphic computing, device management, mobile ad hoc, big data, mediation, and several other topics.\u003c\/p\u003e\u003cul\u003e \u003cli\u003eThe ELS model of enterprise security is endorsed by the Secretary of the Air Force for Air Force computing systems and is\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eChapter 1. The First 16 Years.\u003c\/p\u003e\n\u003cp\u003e1.1 The Beginning of Enterprise Level Security (ELS).\u003c\/p\u003e\n\u003cp\u003e1.2 Design Principles. \u003c\/p\u003e\n\u003cp\u003e1.3 Key Concepts. \u003c\/p\u003e\n\u003cp\u003e1.4 Implementation.\u003c\/p\u003e\n\u003cp\u003eChapter 2. A Brief Review of the Initial Book. \u003c\/p\u003e\n\u003cp\u003e2.1 Security Principles. \u003c\/p\u003e\n\u003cp\u003e2.2 ELS Framework. \u003c\/p\u003e\n\u003cp\u003eChapter 3. Minimal Requirements for the Advanced Topics. \u003c\/p\u003e\n\u003cp\u003e3.1 Needed Capabilities. \u003c\/p\u003e\n\u003cp\u003e3.2 Creating an Attribute Store. \u003c\/p\u003e\n\u003cp\u003e3.3 Registering a Service. \u003c\/p\u003e\n\u003cp\u003e3.4 Computing Claims. \u003c\/p\u003e\n\u003cp\u003e3.5 User Convenience Services. \u003c\/p\u003e\n\u003cp\u003e3.6 The Enterprise Attribute Ecosystem.\u003c\/p\u003e\n\u003cp\u003e3.7 Summary. \u003c\/p\u003e\n\u003cp\u003eIdentity and Access Advanced Topics.\u003c\/p\u003e\n\u003cp\u003eChapter 4. Identity Claims in High Assurance.\u003c\/p\u003e\n\u003cp\u003e4.1 Who Are You?. \u003c\/p\u003e\n\u003cp\u003e4.2 Entity Vetting. \u003c\/p\u003e\n\u003cp\u003e4.3 Naming. \u003c\/p\u003e\n\u003cp\u003e4.4 Key and Credential Generation.\u003c\/p\u003e\n\u003cp\u003e4.5 Key and Credential Access Control.\u003c\/p\u003e\n\u003cp\u003e4.6 Key and Credential Management.\u003c\/p\u003e\n\u003cp\u003e4.7 Key and Credential Uses. \u003c\/p\u003e\n\u003cp\u003e4.8 Some Other Considerations. \u003c\/p\u003e\n\u003cp\u003eChapter 5. Cloud Key Management.\u003c\/p\u003e\n\u003cp\u003e5.1 Clouds. \u003c\/p\u003e\n\u003cp\u003e5.2 ELS in a Private Cloud.\u003c\/p\u003e\n\u003cp\u003e5.3 The Public Cloud Challenge.\u003c\/p\u003e\n\u003cp\u003e5.4 Potential Hybrid Cloud Solutions.\u003c\/p\u003e\n\u003cp\u003e5.5 Proposed Secure Solutions.\u003c\/p\u003e\n\u003cp\u003e5.6 Implementation.\u003c\/p\u003e\n\u003cp\u003e5.7 Cloud Key Management Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 6. Enhanced Assurance Needs. \u003c\/p\u003e\n\u003cp\u003e6.1 Enhanced Identity Issues. \u003c\/p\u003e\n\u003cp\u003e6.2 Scale of Identity Assurance. \u003c\/p\u003e\n\u003cp\u003e6.3 Implementing the Identity Assurance Requirement.\u003c\/p\u003e\n\u003cp\u003e6.4 Additional Requirements. \u003c\/p\u003e\n\u003cp\u003e6.5 Enhanced Assurance Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 7. Temporary Certificates. \u003c\/p\u003e\n\u003cp\u003e7.1 Users That Do Not Have a PIV.. \u003c\/p\u003e\n\u003cp\u003e7.2 Non-PIV STS\/CA-Issued Certificate. \u003c\/p\u003e\n\u003cp\u003e7.3 Required Additional Elements. \u003c\/p\u003e\n\u003cp\u003e7.4 Precluding the Use of Temporary Certificates. \u003c\/p\u003e\n\u003cp\u003e7.5 Temporary Certificate Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 8. Derived Certificates on Mobile Devices. \u003c\/p\u003e\n\u003cp\u003e8.1 Derived Credentials. \u003c\/p\u003e\n\u003cp\u003e8.2 Authentication with the Derived Credential.\u003c\/p\u003e\n\u003cp\u003e8.3 Encryption with the Derived Credential.\u003c\/p\u003e\n\u003cp\u003e8.4 Security Considerations. \u003c\/p\u003e\n\u003cp\u003e8.5 Certificate Management.\u003c\/p\u003e\n\u003cp\u003eChapter 9. Veracity and Counter Claims. \u003c\/p\u003e\n\u003cp\u003e9.1 The Insider Threat.\u003c\/p\u003e\n\u003cp\u003e9.2 Integrity, Reputation, and Veracity. \u003c\/p\u003e\n\u003cp\u003e9.3 Measuring Veracity.\u003c\/p\u003e\n\u003cp\u003e9.4 Creating a Model \u0026amp; Counter-Claims. \u003c\/p\u003e\n\u003cp\u003e9.5 Veracity and Counter-Claims Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 10. Delegation of Access and Privilege. \u003c\/p\u003e\n\u003cp\u003e10.1 Access and Privilege. \u003c\/p\u003e\n\u003cp\u003e10.2 Delegation Principles. \u003c\/p\u003e\n\u003cp\u003e10.3 ELS Delegation. \u003c\/p\u003e\n\u003cp\u003e10.4 Delegation Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 11. Escalation of Privilege. \u003c\/p\u003e\n\u003cp\u003e11.1 Context for Escalation. \u003c\/p\u003e\n\u003cp\u003e11.2 Access and Privilege Escalation. \u003c\/p\u003e\n\u003cp\u003e11.3 Planning for Escalation. \u003c\/p\u003e\n\u003cp\u003e11.4 Invoking Escalation. \u003c\/p\u003e\n\u003cp\u003e11.5 Escalation Implementation within ELS. \u003c\/p\u003e\n\u003cp\u003e11.6 Accountability. \u003c\/p\u003e\n\u003cp\u003e11.7 Escalation Summary.\u003c\/p\u003e\n\u003cp\u003eChapter 12. Federation. \u003c\/p\u003e\n\u003cp\u003e12.1 Federation Technical Considerations. \u003c\/p\u003e\n\u003cp\u003e12.2 Federation Trust Considerations. \u003c\/p\u003e\n\u003cp\u003e12.3 Federation Conclusions. \u003c\/p\u003e\n\u003cp\u003eELS Extensions – Content Management.\u003c\/p\u003e\n\u003cp\u003eChapter 13. Content Object Uniqueness for Forensics. \u003c\/p\u003e\n\u003cp\u003e13.1 Exfiltration in Complex Systems. \u003c\/p\u003e\n\u003cp\u003e13.2 Product Identifiers. \u003c\/p\u003e\n\u003cp\u003e13.3 Hidden Messages. \u003c\/p\u003e\n\u003cp\u003e13.4 Content Management.\u003c\/p\u003e\n\u003cp\u003e13.5 Content Object Summary.\u003c\/p\u003e\n\u003cp\u003eChapter 14. Homomorphic Encryption. \u003c\/p\u003e\n\u003cp\u003e14.1 Full Homomorphic Encryption (FHE)\u003c\/p\u003e\n\u003cp\u003e14.2 Partial Homomorphic Encryption (PHE) \u003c\/p\u003e\n\u003cp\u003e14.3 PHE Performance Evaluation. \u003c\/p\u003e\n\u003cp\u003e14.4 Homomorphic Encryption Conclusions. \u003c\/p\u003e\n\u003cp\u003eELS Extensions – Data Aggregation. \u003c\/p\u003e\n\u003cp\u003eChapter 15. Access and Privilege in Big Data Analysis. \u003c\/p\u003e\n\u003cp\u003e15.1 Big Data Access. \u003c\/p\u003e\n\u003cp\u003e15.2 Big Data Related Work. \u003c\/p\u003e\n\u003cp\u003e15.3 Big Data with ELS. \u003c\/p\u003e\n\u003cp\u003e15.4 Big Data Summary.\u003c\/p\u003e\n\u003cp\u003eChapter 16. Data Mediation\u003c\/p\u003e\n\u003cp\u003e16.1 Maintaining Security with Data Mediation. \u003c\/p\u003e\n\u003cp\u003e16.2 The Mediation Issue. \u003c\/p\u003e\n\u003cp\u003e16.3 Approaches. \u003c\/p\u003e\n\u003cp\u003e16.4 Choosing a Solution. \u003c\/p\u003e\n\u003cp\u003e16.5 Mediation Summary. \u003c\/p\u003e\n\u003cp\u003eELS Extensions – Mobile Devices. \u003c\/p\u003e\n\u003cp\u003eChapter 17. Mobile Ad Hoc\u003c\/p\u003e\n\u003cp\u003e17.1 Mobile Ad Hoc Implementations. \u003c\/p\u003e\n\u003cp\u003e17.2 Network Service Descriptions. \u003c\/p\u003e\n\u003cp\u003e17.3 Other Considerations.\u003c\/p\u003e\n\u003cp\u003e17.4 Mobile Ad Hoc Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 18. Endpoint Device Management \u003c\/p\u003e\n\u003cp\u003e18.1 Endpoint Device Choices. \u003c\/p\u003e\n\u003cp\u003e18.2 Endpoint Device Management \u003c\/p\u003e\n\u003cp\u003eELS Extensions – Other Topics. \u003c\/p\u003e\n\u003cp\u003eChapter 19. Endpoint Agent Architecture \u003c\/p\u003e\n\u003cp\u003e19.1 Agent Architecture. \u003c\/p\u003e\n\u003cp\u003e19.2 Related Work. \u003c\/p\u003e\n\u003cp\u003e19.3 ELS Agent Methods. \u003c\/p\u003e\n\u003cp\u003e19.4 Endpoint Agent Results. \u003c\/p\u003e\n\u003cp\u003e19.5 Endpoint Agent Conclusions. \u003c\/p\u003e\n\u003cp\u003e19.6 Endpoint Agent Extensions. \u003c\/p\u003e\n\u003cp\u003eChapter 20. Ports and Protocols\u003c\/p\u003e\n\u003cp\u003e20.1 Introduction. \u003c\/p\u003e\n\u003cp\u003e20.2 Communication Models. \u003c\/p\u003e\n\u003cp\u003e20.3 Ports in Transport Protocols. \u003c\/p\u003e\n\u003cp\u003e20.4 Threats Considered. \u003c\/p\u003e\n\u003cp\u003e20.5 Assigning Ports and Protocols. \u003c\/p\u003e\n\u003cp\u003e20.6 Server Configurations. \u003c\/p\u003e\n\u003cp\u003e20.7 Firewalls and Port Blocking. \u003c\/p\u003e\n\u003cp\u003e20.8 Application Firewalls. \u003c\/p\u003e\n\u003cp\u003e20.9 Network Firewalls in ELS. \u003c\/p\u003e\n\u003cp\u003e20.10 Endpoint Protection in ELS. \u003c\/p\u003e\n\u003cp\u003e20.11 Handling and Inspection of Traffic. \u003c\/p\u003e\n\u003cp\u003e20.12 Additional Security Hardening. \u003c\/p\u003e\n\u003cp\u003eChapter 21. Asynchronous Messaging\u003c\/p\u003e\n\u003cp\u003e21.1 Why Asynchronous Messaging?. \u003c\/p\u003e\n\u003cp\u003e21.2 Prior Work. \u003c\/p\u003e\n\u003cp\u003e21.3 Asynchronous Messaging Security. \u003c\/p\u003e\n\u003cp\u003e21.4 PSS Rock and Jewel \u003c\/p\u003e\n\u003cp\u003e21.5 Summary. \u003c\/p\u003e\n\u003cp\u003eChapter 22. Virtual Application Data Center \u003c\/p\u003e\n\u003cp\u003e22.1 Introduction. \u003c\/p\u003e\n\u003cp\u003e22.2 Enterprise Level Security and VADC Concepts. \u003c\/p\u003e\n\u003cp\u003e22.3 VADC Implementation. \u003c\/p\u003e\n\u003cp\u003e22.4 Resource Utilization. \u003c\/p\u003e\n\u003cp\u003e22.5 Distributed Benefits and Challenges. \u003c\/p\u003e\n\u003cp\u003e22.6 Virtual Application Conclusions.\u003c\/p\u003e\n\u003cp\u003eChapter 23. Managing System Changes\u003c\/p\u003e\n\u003cp\u003e23.1 System Change. \u003c\/p\u003e\n\u003cp\u003e23.2 Current Approaches. \u003c\/p\u003e\n\u003cp\u003e23.3 The Vision. \u003c\/p\u003e\n\u003cp\u003e23.4 Realizing the Vision. \u003c\/p\u003e\n\u003cp\u003e23.5 Moving into the Future. \u003c\/p\u003e\n\u003cp\u003e23.6 Managing Information Technology Changes. \u003c\/p\u003e\n\u003cp\u003eChapter 24. Concluding Remarks\u003c\/p\u003e\n\u003cp\u003e24.1 Staying Secure in an Uncertain World. \u003c\/p\u003e\n\u003cp\u003e24.2 The Model is Important \u003c\/p\u003e\n\u003cp\u003e24.3 Zero Trust Architecture. \u003c\/p\u003e\n\u003cp\u003e24.4 Computing Efficiencies. \u003c\/p\u003e\n\u003cp\u003e24.5 Current Full ELS System.. \u003c\/p\u003e\n\u003cp\u003e24.6 Future Directions. \u003c\/p\u003e\n\u003cp\u003eReferences and Bibliography. \u003c\/p\u003e\n\u003cp\u003eAcronyms. \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIndex\u003c\/strong\u003e. \u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"CRC Press","offers":[{"title":"Default Title","offer_id":52090681295191,"sku":"9780367532963","price":40.84,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780367532963.jpg?v=1762273065","url":"https:\/\/bookcurl.com\/products\/enterprise-level-security-2-9780367532963","provider":"Book Curl","version":"1.0","type":"link"}