Managing consumer or citizen identities comes with two key problems--scale and cost--prompting organizations that require onboarding, authentication, and <a href="http://www.csoonline.com/article/684895/password-management-systems-how-to-compare-and-use-them">password management</a> to look for ways to outsource this effort. Entertainment websites, online retailers, and even US federal government-to-citizen websites are experimenting with a federated model for more of their identity management life cycle. By using single sign-on (SSO) and attribute-sharing between "social" identity providers (IdPs) (i.e. Google and Facebook) and relying parties (RPs), this model effectively reduces cost and improves the customer experience.
Eve Maler |
14 Jul |
Read more
There has been a bit of a splash in the press recently about a mention by former CIA Director Gen. Michael Hayden of the idea of creating new, extra secure internets for government or commerce. Users would have to give up their privacy to use these versions of the Internet, with a requirement for the use of real names and all their traffic subject to deep packet inspection. The vision seems to be that government would use one such network and services such as banking would use another.
Scott Bradner |
13 Jul |
Read more
The curtain has fallen on the 50 day performance by hacker group LulzSec. Its campaign of mayhem and destruction, peppered with witty commentary captivated the world.
In an alternate universe where Lulzcats reign and anti-security is the norm, it might have even earned a spot on its first target, The X-Factor. But on this earth its members may still be captured by its later targets: the CIA, US law enforcement and the FBI.
Liam Tung |
12 Jul |
Read more
Hacker group Anonymous continued an assault on government contractors Monday as it released 90,0000 military email addresses, passwords and some other data from military contractor <a href="http://www.boozallen.com/consulting">Booz Allen Hamilton</a>.
Paul Suarez |
12 Jul |
Read more
U.K. cybercrime investigators claimed victory with the sentencing of three men on Monday following the prosecution of an organized phishing gang.
Jeremy Kirk |
12 Jul |
Read more
Over 900 police staff have abused access to confidential databases over a four year period, according to data found through Freedom of Information requests.
Leo King |
09 Jul |
Read more
Attorneys-General from the United States, United Kingdom, Canada, New Zealand and Australia will meet in Sydney next week to discuss joint actions to address the growth of online threats.
Stilgherrian |
08 Jul |
Read more
After years of being accused of doing little to enforce Health Insurance Portability and Accountability Act's security and privacy rules, the U.S. Department of Health and Human Services appears to be finally getting serious about cracking down on offenders.
Jaikumar Vijayan |
08 Jul |
Read more
Despite the current focus on security stemming from the massive data breaches that resulted from hackers exploiting low- and high-level system vulnerabilities, few businesses in the UK and Australia are interested in auditing systems -- even when they're free.
Liam Tung |
08 Jul |
Read more
Seven in 10 senior civil servants think the use of personal laptops in the workplace increases data security risks, and 80 percent also believe smartphones worsen the potential problem.
Antony Savvas |
07 Jul |
Read more
It was widely reported last week that as part of a study, the U.S. Department of Homeland Security (DHS) randomly dropped USB and optical drives in government and private contractor parking lots -- and more than half of those who picked one up readily plugged it into their work computer.
Lucas Mearian |
07 Jul |
Read more
The Department of Energy's Pacific Northwest National Laboratory (PNNL) is working on restoring Internet connectivity and email services after being hit by a "sophisticated cyberattack" five days ago.
Jaikumar Vijayan |
07 Jul |
Read more
A proposal to force employers to use the federal <a href="http://www.computerworld.com/s/article/9135526/DHS_Congress_look_to_strengthen_E_Verify_system">E-Verify system</a> to vet new employees has stoked widespread privacy concerns.
Jaikumar Vijayan |
06 Jul |
Read more
The Twitter account for Fox News was apparently hacked, with six tweets falsely reporting early Monday morning that U.S. President Barack Obama had been shot twice in an Iowa restaurant while campaigning.
Jeremy Kirk |
04 Jul |
Read more
The UK’s Information Commissioner has ordered the National Health Service to tighten its grip on security, fearing that data protection is a “systemic problem” for its organisations.
Five health NHS organisations have signed recent data security undertakings in response to potential privacy breaches this year caused by staff losing patient records, faxing medical reports to the wrong number, and losing laptops.
Liam Tung |
04 Jul |
Read more
The Anonymous hacking group has taken another swipe at police in Arizona, launching online attacks against several police union websites and publishing e-mail messages stolen from law enforcement officers.
Robert McMillan |
02 Jul |
Read more
Arizona State Police recently fell victim to a <a href="http://www.pcworld.com/businesscenter/article/231067/lulzsec_said_it_leaked_arizona_police_documents.html">second embarrassing data dump</a> that included information stolen from the personal e-mail accounts of 12 Arizona police officers. The stolen data, according to the hackers, includes names, addresses, phone numbers, passwords, Social Security numbers, online dating account info, voicemails, chat logs, internal police reports, and racist chain e-mails. Hackers also say they nabbed the personal data of Stephen Harrison, a spokesman for the Arizona Department of Public Safety.
Ian Paul |
01 Jul |
Read more
The government's roll out of a smart grid energy network needs a more thorough and "coherent" look at security, according to an official report.
Antony Savvas |
30 Jun |
Read more
After nearly four chaotic years, Australia's internet filtering scheme is finally coming together in a way that makes sense technically and politically, if not necessarily for effective child protection.
Stilgherrian |
30 Jun |
Read more
Since 1997 identity theft and fraud has affected more than 5.4 million people in the United States. And that number is on the rise with, more than 1.3 million complaints to the <a href="http://www.ftc.gov/sentinel/">Consumer Sentinel Network</a> (CSN) between January and December of 2009 alone. <a href="http://www.ftc.gov/sentinel/reports/sentinel-annual-reports/sentinel-cy2009.pdf">According to the Federal Trade Commission</a> (PDF), of the 721,418 fraud-related complaints to the CSN in 2009, this has cost customers [of various products and services] more than 1.7 billion dollars at a median payout of $399. But what can companies do to prevent fraud and identity theft?
James Mulroy |
30 Jun |
Read more