Continued from yesterday’s V=(EI)2, Part One
The Function of V=(EI)2Encapsulating this in a simple profit motive expression we show:
V = all Value of identity from all sources
E = the Essence of an identity. This includes an assessment of energy, intelligence, financial strength, and overall capacity to engage, whether physically or virtually represented. Importantly it also incorporates a multiplier reflecting the strength of the joint between an identity and an individual or “real person”. The more “identifiable”, the more valuable. It also assumes “identity richness” delivered through higher level assertions — the battle-ground of the standards debate…
Original post by blog@rsa.com (John Madelin) and a wordpress plugin by Elliott
Computer security Systems
Computer security Systems
Fresh from a Burton Catalyst meeting in Munich I was musing over the extraordinary change in attitude and approach towards the handling of so called “higher level assertions”, or the Rule and Role combinations that comprise the richness and “business intelligence” in an identity. (Also known somewhat dryly as “Access Control” or “Authorisation”).
Original post by blog@rsa.com (John Madelin) and software by Elliott Back
Computer security Systems
Computer security Systems
It is becoming increasingly obvious that the future will be a world where the portability of identity credentials is fundamental: context and boundaries will be too fluid to use traditional hierarchical IT architectures to structure and control your business. In this model even application ownership will become less relevant, as identities draw on services and solutions through SOA and web service models across the extended supply chain…
Original post by blog@rsa.com (John Madelin) and software by Elliott
Computer security Systems
Computer security Systems
It is becoming increasingly obvious that the future will be a world where the portability of identity credentials is fundamental: context and boundaries will be too fluid to use traditional hierarchical IT architectures to structure and control your business. In this model even application ownership will become less relevant, as identities draw on services and solutions through SOA and web service models across the extended supply chain…
Read more at blog@rsa.com (John Madelin)
Computer security Systems
Computer security Systems
One or two recent sharp digs in the side have invigorated me to put pen to paper and respond to the thesis that RSA Security has a disjointed portfolio in its relevance to the mega-trend of Identity Management. The stone-throwing seems to come from an improper understanding of the world in which we find ourselves, how we got here, and how the exact product combinations in our portfolio are so neatly attuned to the current landscape…
Original post by blog@rsa.com (John Madelin) and software by Elliott Back
Computer security Systems
Computer security Systems
Since the FFIEC issued its recent guidance on authentication in the Internet banking arena (as blogged by my colleague Shannon Kellogg), a number of articles have rightly weighed up the merits – and deficiencies – of the various two-factor authentication solutions on the market.
Many of these articles have drawn on concerns raised back in March by Bruce Schneier, who wrote in his blog that “two-factor authentication doesn’t solve anything” when faced with new threats such as man-in-the-middle (MITM) attacks and Trojans. Evidently, some level-setting and clarification is needed…
Original post by blog@rsa.com (Burt Kaliski) and plugin by Elliott Back
Computer security Systems
Computer security Systems
If you’ve ever wondered what intelligence agencies have in their basements, maybe it starts with the equivalent of several dozen 2.2GHz-Opteron-CPUs. That’s the amount of computing power the research team of F. Bahr, M. Boehm, J. Franke, and T. Kleinjung applied over a five-month period to factor the RSA-640 challenge number. The team announced the two prime factors of this 640-bit number last week…
Original post by blog@rsa.com (Burt Kaliski) and a wordpress plugin by Elliott
Computer security Systems
Computer security Systems
Earlier this week, the Liberty Alliance Project announced the formation of a new Strong Authentication Experts Group. This is an important development because Liberty is a serious global organization that includes within its membership key technology vendors and large user organizations from around the world It also has a proven track record in developing interoperable standards to advance the protection and management of online identities. RSA Security is a founding board member and sponsor of the Liberty Alliance and I currently serve as RSA’s representative on the organization’s Management Board…
Original post by blog@rsa.com (Shannon Kellogg) and a wordpress plugin by Elliott
Computer security Systems
Computer security Systems
TV spots in Washington, D.C. and San Francisco at the end of last week demonstrated the ease with which ‘live phishing’ can be carried out on the streets–to camera. RSA Security ‘researchers’ in the capital, working under the guise of performing a tourism survey, gleaned information including dates and places of birth, mothers’ maiden names and more from unsuspecting passers-by, while in San Francisco a separate crew played Security Psychic and attempted to guess people’s passwords from similar information they had handed over just before…
Original post by blog@rsa.com (Slava Kavsan) and software by Elliott
Computer security Systems
Computer security Systems
TV spots in Washington, D.C. and San Francisco at the end of last week demonstrated the ease with which ‘live phishing’ can be carried out on the streets–to camera. RSA Security ‘researchers’ in the capital, working under the guise of performing a tourism survey, gleaned information including dates and places of birth, mothers’ maiden names and more from unsuspecting passers-by, while in San Francisco a separate crew played Security Psychic and attempted to guess people’s passwords from similar information they had handed over just before…
Original post by blog@rsa.com (Slava Kavsan) and powered by Img Fly
Computer security Systems
Computer security Systems