Having summarized the many and sometimes conflicting requirements that an access management system must address, we now consider a number of actual schemes currently in use or under consideration and analyze how well they meet these requirements. It's important to recognize that in solving real-world problems more ...

Authentication strength is a somewhat subjective question. For many of the approaches that we will discuss, strength comes from the details of cryptographic algorithms and key lengths used; but part lies also in overall system design and implementation and in the realities of user behavior, and this can ...

The basic cross-organizational access management problem is exemplified by most licensing agreements for networked information resources today; it also arises in situations where institutions agree to share limited-access resources with other institutions as part of consortia or other resource sharing collaborations. In such an agreement, an institution -- ...

There are actually less than 10 CAs issuing commercially available SSL certificates. The Appendix contains the full list of CAs. Until recently the SSL market has been monopolized by Verisign and Thawte. In 1999 Verisign acquired Thawte, and it became a Verisign subsidiary. In recent years, new global players providing ...

When SSL is first activated on the webserver, the webserver requires information about the identity of the website including the website domain name and company details. The webserver then creates two cryptographic keys – a Private Key and a Public Key. The Private Key is so called for a reason ...

Myspace has become ridiculously easy to hack. I try my best to keep this blog updates with the latest hacks/codes that I find over the internet. These days even amateurs spend their time trying to hack into Myspace. I seen a number of hacks and codes released for Myspace from ...

An organization’s email system is a corporate knowledge repository. It can contain vast quantities of useful email information which is often vital to a business and allowing access to this corporate asset can make users more productive. ...

A trust hierarchy demands that entities "vouch" for each other. Companies that issue SSL certificates are in the business of establishing that entities on the web are, in fact, who they claim to be. The potential for criminal activity on the web (in relevance to SSL anyway), is in online ...