Skip to main content

Trent Adams's Library tagged identity   View Popular

09 Sep 09

Burton Group Identity Blog: US Government Identity News

  • Organizations which serve as trust roots will assess the practices and guarantees of identity providers, and they will establish registries of providers and “score” them against a set of identity assurance criteria aligned with the Liberty Alliance Identity Assurance Framework and the OMB M-04-04 and NIST SP 800-63 guidelines.
07 Jul 09

Group examining SAML, Information Card for European identity system - Network World

  • A group co-funded by the European Union has reversed its thinking and is considering both SAML and Information Card as technologies to help create an interoperable identity and authentication system to link EU members.
18 Jun 09

CA on Security Management

  • Over the past year or so, I have been CA's representative involved in the structuring and birth of the Kantara Initiative.  Now that the Kantara Initative is officially launched, I thought it made sense to blog about why CA believes the creation of the Kantara Initiative is so important.  In no particular order, here are my thoughts on "why Kantara."
03 Jun 09

Untitled

  • The Trust in Digital Life Partnership (TDLP) is a new initiative that aims, over the course of two years, to set out a vision for trustworthy products relating to information and communications technology (ICT), including devices, applications, services, and infrastructures. Central to this vision shall be a recognition of the importance of the rule of law, security, and privacy and other core democratic freedoms in contributing to trustworthiness.

Start-up tackles identity-as-service - Network World

  • So Schwartz brought forth GLUU, the identity solution for the "metaprise" (his term), defined as the enterprise (or other
    organization) plus the community of suppliers, partners, and customers essential to its success. That community can federate
    through GLUU quickly and easily. The "owner" of the community can define what user attributes are published in the community.
    Then each organization that chooses to join the community can specify which people within the organization should be published
    in this community.
22 May 09

Digital identity - Wikipedia, the free encyclopedia

  • An observer's perception of the digital identity of an entity is inevitably mediated by the subjective viewpoint of that observer (just as it is with physical identity). In order to attribute a digital representation to an entity, and so to elide the two as a digital subject, the attributing party (the observer) must trust that the representation does indeed pertain to the entity (see Authentication below). Conversely, the entity may only grant the observer selective access to its informational attributes (according to the identity of the observer from the perspective of the entity). In this way, digital identity is better understood as a particular viewpoint within a mutually-agreed relationship than as an objective property. This contextual nature of digital identity is referred to as contextual identity.
07 May 09

The Center for Applied Identity Management Research Releases First Annual Workshop Report

  • CAIMR was launched in October 2008 and its partners include identity management experts from industry, academia and government. The goal of the organization is to identify key identity management challenges and the existing gaps in knowledge surrounding them in order to provide the much-needed applied research to properly address them. Those societal challenges include cyber crime, identity theft and fraud, attacks on critical infrastructure systems, data breaches, financial crimes including mortgage fraud, protection of the warfighter and more, that impact individuals, public safety, commerce, government and national security.
  • Most importantly, CAIMR is focused on discovering real world solutions and providing best practices and recommendations.
  • 1 more annotations...

Home - Smart Card Alliance

  • Our mission is to accelerate the widespread adoption, usage, and application of smart card technology in North America by bringing together users and technology providers in an open forum to address opportunities and challenges for our industry.
06 May 09

IDSP Convenes Third Plenary Meeting, Solicits Input on Future Work

  • The IDSP is now soliciting input on its future work program. Current members and newcomers alike are encouraged to complete a short survey and to weigh in with proposals for new workshops by June 1. The IDSP Steering Committee will review the survey responses and an announcement will follow regarding the future program of work.
04 May 09

Clickjacking & OAuth

  • Clickjacking is when a visitor to a web page is tricked into clicking on an element that they believe to be harmless when in reality they are clicking on an element on a different website that exposes protected data or grants an attacker access.
24 Apr 09

A Few More Thoughts on Email Authentication… errr… Trust

  • For authentication to be useful, you also need some sort of evaluation mechanism, whether an ad hoc, private whitelist or a trusted, third-party assessment service. Authentication is only one component of a trust service. This, of course, leads to a chicken-and-egg problem trying to get adoption by parties who might not see concrete benefit anytime soon. While the mechanics and operation of authentication are well understood, they aren't cheap to implement. Absent an immediate value proposition, why should an organization go through the expense? Operations folk are not usually swayed by vague promises of eventual benefit. So what are the specific, immediate assessment, whitelist, reputation, certification benefits available for an adopter of DKIM or SPF? Absent a meaningful assessment mechanism, the answer is: none.
  • The simplest is application of classic Bayesian content analysis, to develop a reputation history for a particular identifier. Perform the usual types of statistical evaluation of a stream of messages having the same signature. You will quickly formulate an assessment. If your assessment is negative, you are in the unusual position of knowing who to complain to: Since the message stream is authenticated, there is an explicitly and reliably specified responsible party. If your assessment is positive, you can start treating that stream differently (and better) than messages lacking authentication.
  • 1 more annotations...
1 - 20 of 30 Next ›
Showing 20 items per page

Selected Tags

Related Tags

Sponsored Links

Ads by Google

Highlighter, Sticky notes, Tagging, Groups and Network: integrated suite dramatically boosting research productivity. Learn more »

Join Diigo