Anil John: Does KBA and Public Sector Online Services Have a Future? Knowledge Based Authentication (KBA) and its use by Public Sector online services have to date been a marriage of convenience. The recent breaches of private sector data brokers introduces concerns and questions about the continuing effectiveness of this source of data for use by the public sector for identity proofing and compensating controls.
Martin Kuppinger: Azure Active Directory: What is the Graph API? In Azure Active Directory (AAD) there is a Graph API. This is the main API to access AAD. The idea of a Graph API is not entirely new. The one provided by Facebook is already well established. But what is this really about and why does AAD provide such an API?
Rashmi Knowles, RSA: Be on your Best Behaviour! At the recent Gartner Risk and Management Summit in London one of the key capabilities discussed was how behaviour analytics will play a huge part in our security implementations in the future. In fact, many organizations are already in the midst of implementing these controls.
Anil John: Local Credentials and Life in the Federation Glass House I've been a long-time proponent of the value of identity federation. But when faced with a choice of using a federated credential or creating a local credential, in the vast majority of cases, I have chosen the latter. This blog post is an analysis of that behavior and its implications for (my) adoption of federated credentials.
GSMA: Mobile Identity Research: UK Research Summary The GSMA worked with GfK to conduct research to provide an integrated view of the UK market with respect to digital / mobile identity. The research presentation and summary infographic provide an overview of the key findings of the research, which concluded in June 2013.
Naresh Persaud: The Identity of Everything - CSO Summit Open World A recent Cisco report estimates by 2020 there will be more than 50 billion devices worldwide while the human population will still be under 8 billion people. This short-term trend will change the landscape of identity and access management and change the security requirements of enterprises everywhere.
Ronnie Mitra: Can Your API be BREACHed? TLS and SSL form the foundations of security on the Web. Everything from card payments to OAuth bearer tokens depend on the confidentiality and integrity that a secure TLS connection can provide. So when a team of clever engineers unveiled a new attack on SSL/TLS - called BREACH - at July's Black Hat conference, more than a few eyebrows were raised. Now that it's Cyber Security Awareness Month, it seems like a good time to examine the BREACH threat.
www.odata.org OData is a standardized protocol for creating and consuming data APIs. OData builds on core protocols like HTTP and commonly accepted methodologies like REST. The result is a uniform way to expose full-featured data APIs.
Identity Woman: Interesting events in 2013 This is a calendar of events that I know in 2013 (and beyond). I think they're interesting, I'm currently planning on attending all the events in BLACK, I'm helping co-organize all the events with RED headlines. Some events will change from interesting to attending as they approach.
12th Annual Smart Card Alliance Government Conference Washington, D.C.; Oct. 14 - 16, 2013 | 8:30 AM - 5:00 PM The 12th Annual Smart Card Alliance Government Conference will survey opportunities and challenges for government issuers, accreditation and testing authorities, procurement programs, and the industry to meet the government's market demands.
User-Centric ID Live Opportunities for relying parties in NSTIC and the new identity ecosystem. Oct. 15-16, 2013 - Washington Convention Center, Washington, D.C.
VRM and Personal Cloud Day Personal Data Ecosystem Consortium Monday, Oct. 21, 2013 from 9:00 AM to 4:30 PM (PDT) Mountain View, CA. This day precedes the Internet Identity Workshop and is designed to support enhanced community connection and usefulness of that event. We encourage everyone coming to VRM - Personal Cloud Day to register for at least one day of IIW - registration is here http://iiw17.eventbrite.com
eID & ePass 5th edition National eID & ePassport Conference - the Global Forum on the drivers behind the digitalization of citizen ID documents proudly announce the 5th edition in BERLIN 2013, 28th & 29th of October @Intercontinental Berlin.
InCommon Advance CAMP: Identity Services Summit Nov. 12-13, 2013 San Jose, CA. https://spaces.internet2.edu/display/ACAMP2013/Home Part of the 2013 Identity Week (www.incommon.org/idweek) Join leading identity architects and developers from U.S. research and higher education and international and commercial identerati at Advance CAMP. Explore the state of the art in identity services and discuss the leading edge work that's taking us there. Join us and get involved!
InCommon: CAMP Cloud: Identity and Access in an Era of Outsourced Services Nov. 14-15, 2013 - San Jose, CA. Part of the 2013 Identity Week (www.incommon.org/idweek) Are your campus stakeholders looking at cloud-based solutions? Are you experiencing challenges or do you have concerns with outsourcing email, storage, or other essential services? Are you concerned about the management and maintenance of an accurate, accountable identity inventory? Learn about solutions being discussed and implemented across higher education.
KuppingerCole Information Risk & Security Summit 2014 Nov. 27-28, 2013, Frankfurt, Germany The conference offers an unseen combination of thought leadership and interactive session formats, tackling the most demanding questions IT professionals are confronted with: How to support the extended & connected enterprise with brilliant services without taking too many too big risks.