相關主題
商品描述
Security for a Web 2.0+ World looks at the perplexing issues of cyber security, and will be of interest to those who need to know how to make effective security policy decisions to engineers who design ICT systems – a guide to information security and standards in the Web 2.0+ era. It provides an understanding of IT security in the converged world of communications technology based on the Internet Protocol.
Many companies are currently applying security models following legacy policies or ad-hoc solutions. A series of new security standards (ISO/ITU) allow security professionals to talk a common language. By applying a common standard, security vendors are able to create products and services that meet the challenging security demands of technology further diffused from the central control of the local area network. Companies are able to prove and show the level of maturity of their security solutions based on their proven compliance of the recommendations defined by the standard.
Carlos Solari and his team present much needed information and a broader view on why and how to use and deploy standards. They set the stage for a standards-based approach to design in security, driven by various factors that include securing complex information-communications systems, the need to drive security in product development, the need to better apply security funds to get a better return on investment.
Security applied after complex systems are deployed is at best a patchwork fix. Concerned with what can be done now using the technologies and methods at our disposal, the authors set in place the idea that security can be designed in to the complex networks that exist now and for those in the near future. Web 2.0 is the next great promise of ICT – we still have the chance to design in a more secure path.
Time is of the essence – prevent-detect-respond!
商品描述(中文翻譯)
了解科技如何影響您的業務,以及為什麼傳統的安全機制無法應對風險和信任問題。
《Web 2.0+世界的安全》探討了令人困惑的網絡安全問題,對於那些需要了解如何做出有效安全政策決策的人,以及設計ICT系統的工程師來說,這是一本關於Web 2.0+時代的信息安全和標準的指南。它提供了對基於Internet協議的通信技術融合世界中的IT安全的理解。
許多公司目前正在應用遵循遺留政策或臨時解決方案的安全模型。一系列新的安全標準(ISO/ITU)使安全專業人員能夠使用共同的語言進行交流。通過應用共同的標準,安全供應商能夠創建符合技術安全需求的產品和服務,這些需求已經從本地區域網絡的中央控制進一步擴散。公司能夠通過證明和展示其安全解決方案的成熟程度,基於其對標準所定義的建議的證實來證明。
Carlos Solari及其團隊提供了非常需要的信息和更廣泛的觀點,關於為什麼以及如何使用和部署標準。他們為基於標準的安全設計方法奠定了基礎,這是由多種因素驅動的,包括保護複雜的信息通信系統,推動產品開發中的安全性,更好地應用安全資金以獲得更好的投資回報。
在部署複雜系統之後應用安全措施最多只能起到臨時修補的作用。作者們關注的是使用現有技術和方法,現在可以做些什麼,他們提出了一個觀點,即安全可以被設計到現有的複雜網絡中,也可以設計到未來的網絡中。Web 2.0是ICT的下一個偉大承諾,我們仍然有機會在其中設計一條更安全的道路。
時間非常重要-預防-檢測-應對!