• United States

Books on identity management, controlling malware, and Windows Terminal Services

Mar 29, 20062 mins
Identity Management SolutionsNetworking

* Must-reads for network managers with an interest in ID management and Windows

Steve Riley, a senior security strategist (that’s a “3S”) in Microsoft’s Security Technology Unit, recently posted a paper on Microsoft’s Web site that attempts to explain the difference among three terms that often seem to confound even the best of network managers: identity, authentication and authorization.

In his paper entitled “It’s Me, and Here’s My Proof”, Riley posits three questions that encapsulate the three terms:

* Identity – Who are you?

* Authentication – What proof do you have?

* Authorization – What can you do?

In terms of your network, Identity is the username, while the Authentication proof is the password. The Authorization part is the rights and privileges that the user has once they’ve been authenticated.

It’s an interesting paper, worth reading even if you think you’re thoroughly familiar with the terms.

While you’re collecting reading material there are a couple of new chapters available from RealtimePublishers that you should look into as well.

“The Definitive Guide to Controlling Malware, Spyware, Phishing, and Spam” is now up to chapter 5, “Phishing and Identity Theft”. Find it here along with the first four chapters if you haven’t already gotten them.

Chapter 6 of “The Definitive Guide to Windows Server 2003 Terminal Services (Updated Edition)” is also now available. This chapter, “Managing User Profiles,” introduces you to the types of profiles available in Windows Server 2003, how to implement each type, and the options available for creating a mixed environment in which different servers use different types of profiles.

Finally, “The Shortcut Guide to Automating Network Management and Compliance” is a fast-paced, guide that will give IT managers and network administrators the know-how to improve network operations, security and compliance. The book focuses on advanced tools and technologies to make auditing easier, improve uptime and more. This is a complete, short volume but one filled with useful advice.

So there you have it, your assigned reading for the next couple of weeks. Read carefully, there may be a test!