商品の説明

The CORBAsecurity specification adopted by the Object Management Group (OMG) represents a major step forward in making object technology suitable for business application development. The specification document, however, is long, detailed, and complex; it is a time-consuming task for software developers to make their way through it, and it is inaccessible to CIOs and other technical managers who need to understand object security and its impact on their organizations.

CORBA Security provides a readable and less technical overview of the specification and a guide to the security of object systems. Written from a policy point of view, the book will help you decide what security policies are appropriate for your organization and evaluate the object-based security options that can help you manage those policies.

For those unfamiliar with basic security and object technology concepts, clear introductions to these topics will bring you up to speed. The book also provides a list of questions you can ask your secure object system vendor-questions that will get behind the jargon and acronyms and give you the information you need to determine just how safe the product really is.

Readers will get an in-depth look at each element of computer security and how the CORBAsecurity specification fulfills each of these security needs. Topics covered include identification, authentication, and privilege; access control; message protection; delegation and proxy problems; auditing; and, non-repudiation. The author also provides numerous real-world examples of how secure object systems can be used to enforce useful security policies.

商品の詳細

• Amazon.co.jp ランキング: #321333 / 本
• 発売日: 2000-06
• 版型: 単行本
• 130 ページ

内容（「MARC」データベースより）
オブジェクト指向環境におけるセキュリティについて、一般向けに概念レベルで平易に説明。興味深く、有効なセキュリティポリシーを実行するための方法を、図や実例を数多く用いながら紹介する。〈ソフトカバー〉

From the Back Cover

The CORBAsecurity specification adopted by the Object Management Group (OMG) represents a major step forward in making object technology suitable for business application development. The specification document, however, is long, detailed, and complex; it is a time-consuming task for software developers to make their way through it, and it is inaccessible to CIOs and other technical managers who need to understand object security and its impact on their organizations.

CORBA Security provides a readable and less technical overview of the specification and a guide to the security of object systems. Written from a policy point of view, the book will help you decide what security policies are appropriate for your organization and evaluate the object-based security options that can help you manage those policies.

For those unfamiliar with basic security and object technology concepts, clear introductions to these topics will bring you up to speed. The book also provides a list of questions you can ask your secure object system vendor-questions that will get behind the jargon and acronyms and give you the information you need to determine just how safe the product really is.

Readers will get an in-depth look at each element of computer security and how the CORBAsecurity specification fulfills each of these security needs. Topics covered include identification, authentication, and privilege; access control; message protection; delegation and proxy problems; auditing; and, non-repudiation. The author also provides numerous real-world examples of how secure object systems can be used to enforce useful security policies.

0201325659B04062001

About the Author

Bob Blakley is Chief Scientist at DASCOM, and before joining DASCOM, was IBM's Lead Security Architect. He was the principal designer of IBM's proposal to the OMG for an Object-Oriented Security Service, and he co-edited the CORBAsecurity standard adopted by the OMG in 1996. Bob is a frequent speaker at software industry and software security conferences such as the RSA Conference, Networld+Interop, GUIDE, the Burton Group Catalyst Conference, and Open Systems Security Symposium, and the Mergent Users' Conference. He has written or co-authored seven papers on cryptography, secret-sharing schemes, access control, and other aspects of computer security, and he holds eight patents on security-related technologies.

0201325659AB04062001

カスタマーレビュー

CORBAセキュリティの第一歩がすっきり
CORBA分散オブジェクト環境におけるセキュリティに関する数少ない書籍のひとつです。セキュリティポリシーのモデル、認証、クレデンシャル、アクセス制御、メッセージ保護、委譲、監査、否認不可といったセキュリティの各側面の概念を説明し、それがCORBAセキュリティではどのように実現されているかを解説しています。全体的に、図と例が豊富で、説明は平易でとても分かりやすいです。セキュリティに関する深い知識がなくても読み進めることができると思います。これに続いて、Kerberos、PKI、暗号といったより詳細なトピックを学ぶのもひとつのやり方ではないでしょうか。また、第10章には、実際のCORBAセキュリティ製品を選択するさいの指針が記述されていて、これは有益だと思います。