This revised and updated second edition defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs. It looks at the risks, threats, and vulnerabilities prevalent in information systems and IT infrastructures and how to handle them. It is a student and professional resource that details how to put access control systems to work as well as testing and managing them. New to this edition: updated references to Windows 8 and Outlook 2011; a discussion of recent Chinese hacking incidence; examples depicting the risks associated with a missing unencrypted laptop containing private data. Additionally, new sections on the Communications Assistance for Law Enforcement Act (CALEA) and granting Windows folder permissions are added, as well as new information on the Identity Theft Enforcement and Restitution Act and the Digital Millennium Copyright Act (DMCA)

College of Engineering and Computer Studies