Publisher's Synopsis
Many books covering information assurance architectures and system testing propose high-level methods, but often leave readers to fend for themselves when it comes time for implementation. Going beyond regurgitating processes specified by standards bodies, Securing System Information Flowsidentifies the nuts and bolts of engineering secure systems, and also provides readers with an effective framework for specifying and evaluating information flows in organizations of any size. The text covers complex aspects of information flow including the concepts of least privilege and separation of duties. Flow charts and checklists are also included that facilitate use of the security framework.