Posts Tagged ‘security’
Digital 9/11
This post is probably going to get me into trouble, but this stuff needs saying. There’s been a sudden outburst of sanity today about this topic, so I feel obliged to throw in my 2¢. A few weeks back I heard somebody say that we hadn’t yet seen a ‘digital 9/11’. I think what they […]
Filed under: security | 2 Comments
Tags: 9/11, cyber, intelligence, movie plot, response, security, terrorist
The MAC hullabaloo
Kim Cameron has had lots of interesting things to say over the past few days about the security and privacy implications of harvesting MAC addresses in the wake of Google being somewhat caught out with their activities in this area. Today though he has a piece where I think he’s crossed over the Chicken Little line. In […]
Filed under: identity, security | Leave a Comment
Tags: cardspace, information card, Kim Cameron, MAC, MACs, privacy, security, streetview, wifi
A little while ago I put out a plea for stronger authentication for Google Apps, and it seems that my wish has been granted with Tricipher launching their myOneLogin for Google Apps[1]. I had tried myOneLogin before, and frankly wasn’t too impressed. This time things are different though, the issues I’d seen before with Chrome compatibility and […]
Filed under: identity, security | 2 Comments
Tags: authentication, google, identity, saas, security, strong authentication, tricipher, verisign, vip
Two wishes granted – an API for XACML, and OpenID from Google Apps. Wish three – strong(er) authentication for Google Apps to make SaaS more secure.
Filed under: identity, security | 1 Comment
Tags: directories, google, identity, idm, ldap, ldif, OpenID, saas, security, strong auth, strong authentication, twittergate, xacml
Security conferences
Having dragged James into the debate about Pamela’s post, and having spent most of the week at a security conference I thought I’d throw some of my own thoughts into the ring. Let’s start with attendees, or ‘plankton‘ as Pamela calls them, and the idea that attendees learn something by going to conferences. I think […]
Filed under: security | 4 Comments
Tags: conference, security
Persona – one year on
It seems that the term Persona is finally finding its way into common usage, and I’m encouraged by the recent posts by Nishant Kaushik and Mark Dixon.
Filed under: security | 2 Comments
Tags: digital identity, idm, llp, persona, security, trust
Why I’m a NAC nonbeliever
I was recently speaking at a conference, and the subject of network access control (NAC) came up. At the time I gave a rather glib answer that ‘it’s not the network that you wish to control access to, but the data and services that wrap it’. That’s been my position for some time, but it’s […]
Filed under: security | 2 Comments
Tags: entitlements, nac, reperimiterisation, reperimiterization, security
For most enterprises the essence of trustworthiness is their internal build, which normally comes in client and server flavours for a variety of ‘supported’ operating systems. Machines running this build are trusted to access corporate resources, anything else is kept out with policies, firewalls and mechanisms like network access control (NAC). That internal build is […]
Filed under: security | 1 Comment
Tags: malware, management, managment, security, trust, virtual appliance, virtualisation
Despite the lack of comments (yet) the post on persona has resulted in some good behind the scenes debate. Something that came out of this is that I agreed to post an illustration of how a legal entity fits into the persona illustration in order to effect the LLP concept: Sadly this still leaves us […]
Filed under: security | 5 Comments
Tags: identity, idm, llp, persona, security, trust
Persona
OK, it’s time for my first serious post, and it’s not about a brand of fertility monitor. Persona is a term that’s increasingly being used in conversations around digital identity, but it’s not one that I typically find to be well defined. The Wikipedia entry doesn’t help much, as it is about the more general […]
Filed under: security | 6 Comments
Tags: digital identity, idm, llp, persona, security, trust