Posts Tagged ‘trust’
Andrew “bunnie” Huang recently presented at the 36th Chaos Communication Congress (36C3) on ‘Open Source is Insufficient to Solve Trust Problems in Hardware‘ with an accompanying blog post ‘Can We Build Trustable Hardware?‘. His central point is that Time-of-Check to Time-of-Use (TOCTOU) is very different for hardware versus software, and so open source is less helpful in mitigating […]
Filed under: InfoQ news, security | Leave a Comment
Tags: FPGA, hardware, open source, trust
The Dell Lesson on Trust Scope
Dell has been in trouble for the last few days for shipping a self signed CA ‘eDellRoot'[1] in the trusted root store on their Windows laptops. From a public relations perspective they’ve done the right thing by saying sorry and providing a fix. This post isn’t going to pick apart the rights and wrongs – […]
Filed under: could_do_better, security | Leave a Comment
Tags: CA, certificate, Dell, trust
Persona – one year on
It seems that the term Persona is finally finding its way into common usage, and I’m encouraged by the recent posts by Nishant Kaushik and Mark Dixon.
Filed under: security | 2 Comments
Tags: digital identity, idm, llp, persona, security, trust
For most enterprises the essence of trustworthiness is their internal build, which normally comes in client and server flavours for a variety of ‘supported’ operating systems. Machines running this build are trusted to access corporate resources, anything else is kept out with policies, firewalls and mechanisms like network access control (NAC). That internal build is […]
Filed under: security | 1 Comment
Tags: malware, management, managment, security, trust, virtual appliance, virtualisation
Despite the lack of comments (yet) the post on persona has resulted in some good behind the scenes debate. Something that came out of this is that I agreed to post an illustration of how a legal entity fits into the persona illustration in order to effect the LLP concept: Sadly this still leaves us […]
Filed under: security | 5 Comments
Tags: identity, idm, llp, persona, security, trust
Persona
OK, it’s time for my first serious post, and it’s not about a brand of fertility monitor. Persona is a term that’s increasingly being used in conversations around digital identity, but it’s not one that I typically find to be well defined. The Wikipedia entry doesn’t help much, as it is about the more general […]
Filed under: security | 6 Comments
Tags: digital identity, idm, llp, persona, security, trust
Chris Swan's Weblog 