Chapter 10. Access Control in the Enterprise

ACCESS CONTROL AND AUTHENTICATION within an enterprise is a large-scale problem with multiple solutions. Each enterprise has its own way of handling it, depending on the risk that is associated with the information and activities on the network. The higher the risk of an attacker entering an organization and seeing or removing information, the more constraints the enterprise will put on users (subjects). An organization that maintains a large amount of credit card information or personally identifiable information (PII) on its customers will incur a higher impact if that information is removed or accessible. Corporations are now required to let a third party know when certain information has been compromised ...

Get Access Control, Authentication, and Public Key Infrastructure now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.