REVIEW: “Identity Management: Concepts, Technologies, and Systems”, Elisa Bertino/Kenji Takahashi
“Identity Management: Concepts, Technologies, and Systems”, Elisa
Bertino/Kenji Takahashi, 2011, 978-1-60807-039-8
%A Elisa Bertino
%A Kenji Takahashi
%C 685 Canton St., Norwood, MA 02062
%G 978-1-60807-039-8 1-60807-039-5
%I Artech House/Horizon
%O 800-225-9977 fax: +1-617-769-6334 email@example.com
%O Audience i- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P 196 p.
%T “Identity Management: Concepts, Technologies, and Systems”
Chapter one, the introduction, is a review of general identity related issues. The definition of identity management, in chapter two, is thorough and detailed, covering the broad range of different types and uses of identities, the various loci of control, the identity lifecycle (in depth), and a very effective technical definition of privacy. (The transactional attribute is perhaps defined too narrowly, as it could relate to non-commercial activities.)
“Fundamental technologies and processes” addresses credentials, PKI (Public Key Infrastructure), single sign-on, Kerberos, privacy, and anonymous systems in chapter three. The level of detail varies: most of the material is specific with limited examples, while attribute federation is handled quite abstractly. Chapter four turns to standards and systems, reviewing SAML (Security Assertion Markup Language), Web Services Framework, OpenID, Information Card-Based Identity Management (IC-IDM), interoperability, other prototypes, examples, and projects, with an odd digression into the fundamental confidentiality, integrity, and availability concepts. Challenges are noted in chapter five, briefly examining usability, access control, privacy, trust management, interoperability (from the human, rather than machine, perspective, particularly expectations, experience, and jargon), and finally biometrics.
This book raises a number of important questions, and mentions many new areas of work and development. For experienced security professionals needing to move into this area as a new field, it can serve as an introduction to the topics which need to be discussed. Those looking for assistance with an identity management project will probably need to look elsewhere.
copyright, Robert M. Slade 2011 BKIMCTAS.RVW 20110326