Identity Design Considerations

This chapter covers the following topics:

  • Basic Foundation Identity Concepts
  • Types of Identity
  • Factors in Identity
  • Role of Identity in Secure Networking
  • Identity Technology Guidelines
  • Identity Deployment Recommendations

A good name is better than precious ointment.

Ecclesiastes, 7:1

"Must a name mean something?" Alice asked doubtfully.

"Of course it must," Humpty Dumpty said with a short laugh: "my name means the shape I amand a good handsome shape it is, too. With a name like yours, you might be any shape, almost."

Lewis Carroll, Through the Looking-Glass, 1872

Identity is a foundation technology in secure networking. It, more than any other technology, interfaces directly with the network's users. But as you'll learn in this chapter, identity isn't always just about users; sometimes network or device identity is needed. As you learned in Chapter 4, "Network Security Technologies," there are many identity "technologies" such as username/password, digital certificates, RADIUS/ TACACS+, and so on. This chapter discusses some additional forms of identity and some common deployments and design considerations around identity in the network.

Identity touches almost all aspects of secure networking in some form or another. In keeping with this, other chapters in the book also discuss identity components when appropriate. Specifically, Chapter 10, "IPsec VPN Design Considerations," and Chapter 11, "Supporting-Technology Design Considerations," have identity discussions particular to virtual private networks (VPNs) and wireless LANs (WLANs).

This chapter focuses on some of the foundation identity concepts and technologies that span most of the identity space.

Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies



Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process


Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery © 2008-2020.
If you may any questions please contact us: