Copyright: 2017
Pages: 280
ISBN: 9781630811341

Our Price: £84.00
Qty:
Our Price: £62.00

Description

This comprehensive new resource provides an introduction to fundamental Attribute Based Access Control (ABAC) models. This book provides valuable information for developing ABAC to improve information sharing within organizations while taking into consideration the planning, design, implementation, and operation. It explains the history and model of ABAC, related standards, verification and assurance, applications, as well as deployment challenges.

 

Readers find authoritative insight into specialized topics including formal ABAC history, ABAC’s relationship with other access control models, ABAC model validation and analysis, verification and testing, and deployment frameworks such as XACML. Next Generation Access Model (NGAC) is explained, along with attribute considerations in implementation. The book explores ABAC applications in SOA/workflow domains, ABAC architectures, and includes details on feature sets in commercial and open source products. This insightful resource presents a combination of technical and administrative information for models, standards, and products that will benefit researchers as well as implementers of ABAC systems in the field.

Table Of Contents

Access Control Models and Approaches; Attribute Based Access Control; ABAC Deployment using XACML; Next Generation Access Control; ABAC Policy Verifications and Testing; Attribute Consideration; ABAC Deployments in Application Architectures; ABAC Life Cycle Issues (Considerations); ABAC in Commercial Products; Open Source ABAC Implementations- Architectures & Features.

Author

  • Ramaswamy Chandramouli

    is a computer scientist at the National Institute of Standards and Technology (NIST).He received his Ph.D. in information security from George Mason University, his M.S. in operations research from the University of Texas at Dallas and his M.Tech. in industrial engineering and operations research from the Indian Institute of Technology, Bombay, India.

  • David F. Ferraiolo

    is currently the manager for the Secure Systems and Applications group of the Computer Security Division at the National Institute of Standards and Technology (NIST). He received his degrees in computer science and mathematics from SUNY Albany.

  • D. Richard Kuhn is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology (NIST). He received his M.S. in computer science from the University of Maryland College Park and his MBA from the College of William and Mary.
  • Vincent C. Hu

    is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology (NIST). He received his Ph.D. in computer science from the University of Idaho in Moscow, Idaho, and his M.S.in computer science from Old Dominion University in Norfolk, Virginia.

Reviews:

Review by: Gerry Gebel, Axiomatics - September 1, 2017

The authors are doing a great service for the industry in detailing the evolution of authorization systems and the emergence of ABAC as the latest milestone in this effort. ABAC is vital to meeting modern security challenges of the digital enterprise, where improved customer experience, speed of implementation, and sharing sensitive data are key requirements.