Sunday, December 13, 2009

The Uncertain Future

Visualizing "The Future According to You"
The Uncertain Future is a future technology and world-modeling project by the Singularity Institute for Artificial Intelligence. Its goal is to allow those interested in future technology to form their own rigorous, mathematically consistent model of how the development of advanced technologies will affect the evolution of civilization over the next hundred years. To facilitate this, we have gathered data on what experts think is going to happen, in such fields as semiconductor development, biotechnology, global security, Artificial Intelligence and neuroscience. We invite you, the user, to read about the opinions of these experts, and then come to your own conclusion about the likely destiny of mankind.

Thursday, November 26, 2009

webauth:tr.pdf (application/pdf Object)

Dos and Don’ts of Client Authentication on the Web
Kevin Fu, Emil Sit, Kendra Smith, Nick Feamster
MIT Laboratory for Computer Science
http://cookies.lcs.mit.edu/

Monday, October 05, 2009

http://www.math.ucla.edu/~jimc/documents/authen-0702.html

The paradigm discussed is where the user authenticates only once, and all the servers in the system believe in that one authentication. The author calls this transitive authentication, because trust in the identity crosses over from the initial authentication to subsequent service activities; others refer to it as single sign-on.

Monday, August 03, 2009

Personal Identity Verification Interoperability For Non-Federal Issuers -
Issued by Federal CIO Council May 2009
SAML2 Profiles for PIV Subjects and Backend Attribute Exchange

FIPS 201 defines a US Government-wide interoperable identification credential for controlling physical access to federal facilities and logical access to federal information systems. The FIPS 201 credential, known as the Personal Identity Verification (PIV) Card, supports PIV Cardholder authentication using information securely stored on the PIV Card. Some PIV Cardholder information is available on-card through PIV Card external physical topology (i.e., card surface) and PIV Card internal data storage (e.g. magnetic stripe, integrated circuit chip).

SQL Linked Server Query failed with “Login failed for user …”
SQL Server 2005: “Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'”.

SQL Server 2000: "Login failed for user "(null)". Reason: Not associated with a trusted SQL Server connection".

The errors listed above are very typical when deploying a linked server with delegation. They are actually thrown by the linked server and passed by the middle server to the client application. In this post, I will discuss how to properly configure SQL instances and the Windows environment in the most common scenario and try to make the configuration steps as explicit as possible.

http://www.nsa.gov/ia/_files/SAML_Profile_20080716.pdf

This profile has been created to establish a standard means to express policies and attributes within the Security Assertion Markup Language (SAML) construct. The scope of this profile is strictly limited to transactions involving SAML attributes.

Sunday, May 03, 2009

Thursday, April 30, 2009

08tn003.pdf (application/pdf Object)

Agile development methods and CMMI (Capability Maturity Model® Integration) best practices are often perceived to be at odds with each other. This report clarifies why the discord need not exist and proposes that CMMI and Agile champions work toward deriving benefit from using both and exploit synergies that have the potential to dramatically improve business performance.

Wednesday, April 22, 2009

Active Directory Replication over Firewalls

This white paper explains how to get replication to function properly in environments where an Active Directory directory forest is distributed among internal perimeter networks (also known as DMZ, demilitarized zones, and screened subnets) and external (Internet-facing) networks.

Monday, April 20, 2009

The Information Card Ecosystem | Information Cards

Conference Home Page

Properly managing and protecting your corporate identity -- and that of your customers -- is essential in today's world. You must bulletproof your identity management tools and practices for many critical business reasons: to protect company data and assets, to automate compliance processes, to reduce operational costs or simply to drive greater efficiencies.

Identity management technologies, tools and the manner in which you use them are constantly evolving. Digital ID World 2009 will give you a solid foundation and access to the kind of extensive, in-depth knowledge necessary to succeed in every phase of managing and protecting your organizational identity, as well as that of your employees and customers.

IDology - ID verification, identity verification, age verification for eCommerce

IDology - ID verification, identity verification, age verification for eCommerce: "IDology provides a faster, safer way to identify legitimate customers so you are able to complete more transactions in less time. You can expect more satisfied customers too because our real-time automated identity verification and age verification solutions are designed with consumer protection in mind."

R-Card - Eclipsepedia

An R-Card is a kind of I-Card that holds an Entity UDI as described by the Context Data Model. This Entity UDI references an Entity object, analogously to how a URL references an HTML document in the Web.

Wednesday, April 15, 2009

What is Yadis - Yadis

What is Yadis - Yadis:

"Given an identity URL and no other information, how do we know what protocol needs to be used to authenticate that user? Yadis is a service discovery system allowing relying parties (aka identity consumers or membersites) to determine automatically, without end-user intervention, the most appropriate protocol to use."

DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.

trust-report-2008.pdf (application/pdf Object)

To be trusted, the Internet must provide channels for secure, reliable, private communication between entities, which can be clearly authenticated in a mutually understood manner. The Internet Society (ISOC) Board of Trustees has determined that the issue of trust is both important and crucial for the long-term growth and success of the Internet. After a review of current literature and of emerging research efforts as well as consultations with subject experts, the following areas were deemed to be of special importance:

Advancing Internet architecture by supporting the implementation of open trust mechanisms throughout the full cycle of research, standardization, development, and deployment

Strengthening the current Internet model by focusing on the mitigation of social, policy, and economic drivers that could hinder development and deployment of trust-enabling technologies

Facilitating end users’ ability to manage personal data and ensure personal security by elevating identity to a position as a core issue in network research and standards development

Internet Society (ISOC) - Major Initiative Survey

The Internet Society's Trust and Identity initiative recognises that in order to be trusted, the Internet must provide channels for secure, reliable, private communication between entities, which can be clearly authenticated in a mutually understood manner. The mechanisms that provide this level of assurance must support both the end-to-end nature of Internet architecture and reasonable means for entities to manage and protect their own identity details.

In Context

Dan Blum from Burton Group
U.S. Federal Authentication and Identity Programs are Making Progress and Impacting Industry, But Much Work Remains

Presented for NIST IDTrust 2009

ICF Information Cards

Information Cards are the new way to control your personal data and identity on the web.

The Information Card Foundation is a group of thoughtful designers, architects, and companies who want to make the digital world easier for you by building better products that help you get control of your personal information.

Higgins Home

Higgins is a framework that enables users and applications to integrate identity, profile, and relationship information across multiple data sources and protocols. Higgins is organized into three main areas: Higgins Selector, Identity Services (i.e. Identity Provider and Relying Party code), and the Higgins Identity Data Service.

Tuesday, April 14, 2009

Identity Fragmentation | Francis Shanahan[.com]

Francis Shanahan's attempt to map the level of fragmentation in one's online identity.

How the Web Was Won | vanityfair.com

It took me a while to come across this. Interesting overview of the players that created the Internet and WWW in their own words.

Monday, April 13, 2009

Francis Shanahan[.com]

Francis Shanahan[.com]: "Cardspace Managed Card and STS Test Harness
Welcome to my Managed Cardspace Card Generator, Relying Party Test Harness and Security Token Service. These components implement a full end-to-end claims federation scenario involving Username/Password backed Managed Cards and the Cardspace Identity Selector."

Identity Woman

Doc Searls Weblog · A call for IIW participation

Friday, April 10, 2009

CISSP CPE requirements

CISSP®


Group A Credits:
Direct Information Security Domains of the (ISC)² CBK
  • Access Control
  • Application Security
  • Business Continuity and Disaster Recovery Planning
  • Cryptography
  • Information Security and Risk Management
  • Legal, Regulations, Compliance and Investigations
  • Operations Security
  • Physical (Environmental) Security
  • Security Architecture and Design
  • Telecommunications and Network Security

Group B Credits:
Suggested Categories of General Professional Development Activities
  • Management-type courses
  • Interpersonal communications skills
  • Interviewing techniques
  • Team development skills
  • Project planning activities
  • Other Technical skills not in information security - such as programming languages and techniques
  • Accounting Courses

Involvement in activities involving hobbies or a second profession not related to the credential are not eligible for CPE credits. Examples of activities that do not qualify are attending association meetings as a member, not specifically related to your credential (i.e. Alumni Association meetings, PTA or a Photography club).

Please note:
The guidelines and the above charts provide examples of qualifying activities and are not intended to be a complete listing. These are guidelines only. Unless expressly prohibited, other activities related to the Group A domains and Group B categories may also qualify. As a professional who follows the (ISC)²® Code of Ethics, you are encouraged to use your best judgment within these guidelines and charts to determine your CPE credits for activities not listed above.

Source Code Security Analyzers - SAMATE

Wednesday, April 08, 2009

Monday, March 30, 2009

Felix Gaehtgens

The wild ride that was TEC 2009
29.03.2009 by Felix Gaehtgens
I just came back from this year’s Expert conference, TEC 2009. Last year it was still called the “Directory Expert’s Conference” (DEC). This year the conference has been extended to include training on Microsoft Exchange as well, hence the name change.

A Microsoft PKI Quick Guide - Part 1: Planning

Wednesday, March 25, 2009

simpleSAMLphp | Feide RnD

10+ Microsoft Office add-ins to simplify your work - Downloads - TechRepublic

By Susan Sales Harkins at TechRepublic
Add-ins are special COM files that extend the functionality of a program. In other words, they make your work simpler. Office's popularity—and occasionally, its limitations—makes it a perfect candidate for add-ins. Microsoft provides a number of them, but most add-ins are third-party products, and many are free. Here's a list of some of the most popular add-ins for Microsoft Office.

Web inventor Berners Lee conned by fake Web site - Network World

It can happen to the best of us, buyer beware!

Monday, March 23, 2009

Tuesday, February 17, 2009