book

Foundations of Information Security

by Jason Andress

October 2019

Beginner

248 pages

7h 7m

English

No Starch Press

Read now

Unlock full access

Who Should Read This Book?About This Book
Defining Information SecurityWhen Are You Secure?Models for Discussing Security IssuesAttacksDefense in DepthSummaryExercises

IdentificationAuthenticationCommon Identification and Authentication MethodsSummaryExercises
What Are Access Controls?Implementing Access ControlsAccess Control ModelsPhysical Access ControlsSummaryExercises
AccountabilitySecurity Benefits of AccountabilityAuditingSummaryExercises
The History of CryptographyModern Cryptographic ToolsProtecting Data at Rest, in Motion, and in UseSummaryExercises
What Is Compliance?Achieving Compliance with ControlsMaintaining ComplianceLaws and Information SecurityAdopting Frameworks for ComplianceCompliance amid Technological ChangesSummaryExercises
The Operations Security ProcessLaws of Operations SecurityOperations Security in Our Personal LivesOrigins of Operations SecuritySummaryExercises
Gathering Information for Social Engineering AttacksTypes of Social Engineering AttacksBuilding Security Awareness with Security Training ProgramsSummaryExercises
Identifying Physical ThreatsPhysical Security ControlsProtecting PeopleProtecting DataProtecting EquipmentSummaryExercises
Protecting NetworksProtecting Network TrafficNetwork Security ToolsSummaryExercises
Operating System HardeningProtecting Against MalwareOperating System Security ToolsSummaryExercises
Mobile SecurityEmbedded SecurityInternet of Things SecuritySummaryExercises
Software Development VulnerabilitiesWeb SecurityDatabase SecurityApplication Security ToolsSummaryExercises
Vulnerability AssessmentPenetration TestingDoes This Really Mean You’re Secure?SummaryExercises

Content preview from Foundations of Information Security

3AUTHORIZATION AND ACCESS CONTROLS

After you’ve received a party’s claim of identity and established whether that claim is valid, as discussed in Chapter 2, you have to decide whether to allow the party access to your resources. You can achieve this with two main concepts: authorization and access control. Authorization is the process of determining exactly what an authenticated party can do. You typically implement authorization using access controls, which are the tools and systems you use to deny or allow access.

You can base access controls on physical attributes, sets of rules, lists of individuals or systems, or other, more complex factors. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Fundamentals of Information Systems Security, 3rd Edition

Publisher Resources

ISBN: 9781098122546

Foundations of Information Security

by Jason Andress

3AUTHORIZATION AND ACCESS CONTROLS

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Fundamentals of Information Systems Security, 3rd Edition

Defensive Security Handbook

CISM Certified Information Security Manager Study Guide

Security in Computing

Publisher Resources

3AUTHORIZATION AND ACCESS CONTROLS

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Fundamentals of Information Systems Security, 3rd Edition

Defensive Security Handbook

CISM Certified Information Security Manager Study Guide

Security in Computing

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.