CORBA Security: An Introduction to Safe Computing with Objects (Paperback)

Bob Blakley, Robert Blakely

  • 出版商: Addison Wesley
  • 出版日期: 1999-10-01
  • 售價: $1,100
  • 貴賓價: 9.5$1,045
  • 語言: 英文
  • 頁數: 160
  • 裝訂: Paperback
  • ISBN: 0201325659
  • ISBN-13: 9780201325652
  • 相關分類: 資訊安全
  • 立即出貨(限量) (庫存=6)

買這商品的人也買了...

商品描述


Table Of Contents

1. Objects and Security.
What Are Objects?
How Do Objects Send Messages?
What Is Security?
Protection.
Authorization.
Accountability.
Availability.
Assurance.

2. Object Security.
Special Object Security Requirements.
Naming.
Scale.
Encapsulation.
An Overview of the CORBA Security Model.

3. Policy.
Protection and Policy.
Subjects.
Objects.
Actions.
Access Control Policy.
Message Protection Policy.
Audit Policy.
Non-Repudiation Policy.

4. Identification, Authentication, and Privilege.
Subjects.
Authentication and Credentials.
Contexts.

5. Access Control.
Managing Access Control Policy.
The Problem of Scale.
Controlling Access Control Policy Scale.
Privilege Attributes Are Groups of Subjects.
Domains Are Groups of Objects.
Required Rights Are Groups of Actions.
Enforcing Access Control Policy.
The accessDecision Procedure.
Combining Policies to Make Access Decisions.

6. Message Protection.
Managing Message Protection Policy.
Quality of Protection.
Defining Message Protection Policy.
Enforcing Message Protection Policy.

7. Delegation.
The Secure Proxy Problem.
Managing Delegation Policy.
Enforcing Delegation Policy.

8. Security Auditing.
Managing Audit Policy.
Event Generation Policy.
Enforcing Audit Policy.
Audit Decisions.
Audit Channels.

9. Non-Repudiation.
Disputes, Evidence, and the Burden of Proof.
Disputes.
Non-Repudiation Evidence.
Non-Repudiation Policies.
Managing Non-Repudiation Policy.
Enforcing Non-Repudiation Policy.
Non-Repudiation Credentials.
Generating Non-Repudiation Evidence.
Arbitrating Disputes Using Non-Repudiation Evidence.
Examples of Disputes.
Non-Repudiation Service Structures.

10. Questions to Ask Your Secure Object System Vendor.
Suggested Reading.
Glossary.
Index. 0201325659T04062001


Back to Top

商品描述(中文翻譯)

```

目錄

1. 物件與安全性
- 什麼是物件?
- 物件如何傳送訊息?
- 什麼是安全性?
- 保護
- 授權
- 負責任
- 可用性
- 保證

2. 物件安全性
- 特殊物件安全性需求
- 命名
- 規模
- 封裝
- CORBA安全模型概述

3. 策略
- 保護與策略
- 主體
- 物件
- 行動
- 存取控制策略
- 訊息保護策略
- 審計策略
- 不可否認策略

4. 識別、驗證和特權
- 主體
- 驗證和憑證
- 上下文

5. 存取控制
- 管理存取控制策略
- 規模問題
- 控制存取控制策略規模
- 特權屬性是主體群組
- 領域是物件群組
- 所需權限是行動群組
- 執行存取控制策略
- 存取決策程序
- 結合策略以做出存取決策

6. 訊息保護
- 管理訊息保護策略
- 保護品質
- 定義訊息保護策略
- 執行訊息保護策略

7. 委派
- 安全代理問題
- 管理委派策略
- 執行委派策略

8. 安全審計
- 管理審計策略
- 事件生成策略
- 執行審計策略
- 審計決策
- 審計通道

9. 不可否認
- 糾紛、證據和舉證責任
- 糾紛
- 不可否認證據
- 不可否認策略
- 管理不可否認策略
- 執行不可否認策略
- 不可否認憑證
- 生成不可否認證據
- 使用不可否認證據仲裁糾紛
- 糾紛範例
- 不可否認服務結構

10. 向您的安全物件系統供應商提問的問題
- 建議閱讀
- 詞彙表
- 索引

```