The first casualty of the Target breach is the company's highest ranking technology executive. Beth Jacob, chief information officer and executive vice president for technology services, announced her resignation from the retailer, which publicly confirmed in December that credit and debit card information for 40 million of its customers had been compromised. Target also said on Wednesday that it would create a high-level position to focus on web security.
Security expert Bruce Schneier talk at MIT about the NSA (Video) In this hour-long lecture, Schneier draws from both the Snowden documents and revelations from previous whistleblowers. His talk describes the sorts of surveillance the NSA conducts and how it conducts it. The emphasis is on the technical capabilities of the NSA, and not the politics or legality of their actions.
Pam Dingle: Now, OpenID Connect is Real (and ratified) We at Ping have participated in the standards process to make OpenID Connect happen, working with some crazy smart contributors. We cast our vote last week within the OpenID Foundation in support of the standard. And now that Connect is ratified, we can't wait to get out there and contribute to a very quickly growing ecosystem.
Kin Lane: Payment APIs I Am Watching I'm taking a look at teh world of payment APIs right now. As with all my other monitoring of the API space, I am only looking for the best approaches, by the most interesting companies in the space. So far I am tracking on 34 separate payment APIs.
Paul Madsen: OAuth 2.0: Enabling Identity for the Cloud, Mobile The key technical underpinnings of the cloud - and the emerging Internet of Things - are APIs. OAuth 2.0 defines a framework for securing application access to protected resources - often but not solely identity attributes of a particular user - through APIs, most typically RESTful.
Kantara Initiative: 2014 Upcoming Event EIC - May 12-16: The European Identity and Cloud Conference is an event we look forward to every year. We'll be hosting another workshop at EIC in 2014. We'll be presenting around IRM, UMA, Profiling of OpenID Connect & OAuth, and much more. Webinar - March 20: Access Management 2.0: UMA for the Enterprise; 11am-Noon (EDT). Free registration.
Cloud Security Alliance, SecureCloud 2014 April 1-2; Amsterdam. An opportunity for government experts, industry experts and corporate decision makers to discuss and exchange ideas about how to shape the future of cloud computing security. Focus is on legal issues, cryptography, incident reporting, critical information infrastructures and certification and compliance.
European Identity & Cloud Conference 2014 May 13-16, 2014; Munich, Germany The place where identity management, cloud and information security thought leaders and experts get together to discuss and shape the Future of secure, privacy-aware agile, business- and innovation driven IT.
Cloud Identity Summit 2014 The 2014 event will be held at the Monterey Conference Center in Monterey, Calif. from July 19-22, 2014.