Thursday, April 30, 2009

08tn003.pdf (application/pdf Object)

Agile development methods and CMMI (Capability Maturity Model® Integration) best practices are often perceived to be at odds with each other. This report clarifies why the discord need not exist and proposes that CMMI and Agile champions work toward deriving benefit from using both and exploit synergies that have the potential to dramatically improve business performance.

Wednesday, April 22, 2009

Active Directory Replication over Firewalls

This white paper explains how to get replication to function properly in environments where an Active Directory directory forest is distributed among internal perimeter networks (also known as DMZ, demilitarized zones, and screened subnets) and external (Internet-facing) networks.

Monday, April 20, 2009

The Information Card Ecosystem | Information Cards

Conference Home Page

Properly managing and protecting your corporate identity -- and that of your customers -- is essential in today's world. You must bulletproof your identity management tools and practices for many critical business reasons: to protect company data and assets, to automate compliance processes, to reduce operational costs or simply to drive greater efficiencies.

Identity management technologies, tools and the manner in which you use them are constantly evolving. Digital ID World 2009 will give you a solid foundation and access to the kind of extensive, in-depth knowledge necessary to succeed in every phase of managing and protecting your organizational identity, as well as that of your employees and customers.

IDology - ID verification, identity verification, age verification for eCommerce

IDology - ID verification, identity verification, age verification for eCommerce: "IDology provides a faster, safer way to identify legitimate customers so you are able to complete more transactions in less time. You can expect more satisfied customers too because our real-time automated identity verification and age verification solutions are designed with consumer protection in mind."

R-Card - Eclipsepedia

An R-Card is a kind of I-Card that holds an Entity UDI as described by the Context Data Model. This Entity UDI references an Entity object, analogously to how a URL references an HTML document in the Web.

Wednesday, April 15, 2009

What is Yadis - Yadis

What is Yadis - Yadis:

"Given an identity URL and no other information, how do we know what protocol needs to be used to authenticate that user? Yadis is a service discovery system allowing relying parties (aka identity consumers or membersites) to determine automatically, without end-user intervention, the most appropriate protocol to use."

DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.

trust-report-2008.pdf (application/pdf Object)

To be trusted, the Internet must provide channels for secure, reliable, private communication between entities, which can be clearly authenticated in a mutually understood manner. The Internet Society (ISOC) Board of Trustees has determined that the issue of trust is both important and crucial for the long-term growth and success of the Internet. After a review of current literature and of emerging research efforts as well as consultations with subject experts, the following areas were deemed to be of special importance:

Advancing Internet architecture by supporting the implementation of open trust mechanisms throughout the full cycle of research, standardization, development, and deployment

Strengthening the current Internet model by focusing on the mitigation of social, policy, and economic drivers that could hinder development and deployment of trust-enabling technologies

Facilitating end users’ ability to manage personal data and ensure personal security by elevating identity to a position as a core issue in network research and standards development

Internet Society (ISOC) - Major Initiative Survey

The Internet Society's Trust and Identity initiative recognises that in order to be trusted, the Internet must provide channels for secure, reliable, private, communication between entities, which can be clearly authenticated in a mutually understood manner. The mechanisms that provide this level of assurance must support both the end-to-end nature of Internet architecture and reasonable means for entities to manage and protect their own identity details.

In Context

Dan Blum from Burton Group
U.S. Federal Authentication and Identity Programs are Making Progress and Impacting Industry, But Much Work Remains

Presented for NIST IDTrust 2009

ICF Information Cards

Information Cards are the new way to control your personal data and identity on the web.

The Information Card Foundation is a group of thoughtful designers, architects, and companies who want to make the digital world easier for you by building better products that help you get control of your personal information.

Higgins Home

Higgins is a framework that enables users and applications to integrate identity, profile, and relationship information across multiple data sources and protocols. Higgins is organized into three main areas: Higgins Selector, Identity Services (i.e. Identity Provider and Relying Party code), and the Higgins Identity Data Service.

Tuesday, April 14, 2009

Identity Fragmentation | Francis Shanahan[.com]

Identity Fragmentation | Francis Shanahan[.com]: "at listing"

Francis Shanahan's attempt to map the level of fragmentation in one's online identity.

How the Web Was Won | vanityfair.com

It took me a while to come across this. Interesting overview of the players that created the Internet and WWW in their own words.

Monday, April 13, 2009

Francis Shanahan[.com]

Francis Shanahan[.com]: "Cardspace Managed Card and STS Test Harness
Welcome to my Managed Cardspace Card Generator, Relying Party Test Harness and Security Token Service. These components implement a full end-to-end claims federation scenario involving Username/Password backed Managed Cards and the Cardspace Identity Selector."

Identity Woman

Doc Searls Weblog · A call for IIW participation

Friday, April 10, 2009

CISSP CPE requirements

CISSP®


Group A Credits: Direct Information Security Domains of the (ISC)² CBK
  • Access Control
  • Application Security
  • Business Continuity and Disaster Recovery Planning
  • Cryptography
  • Information Security and Risk Management
  • Legal, Regulations, Compliance and Investigations
  • Operations Security
  • Physical (Environmental) Security
  • Security Architecture and Design
  • Telecommunications and Network Security

Group B Credits: Suggested Categories of General Professional Development Activities
  • Management-type courses
  • Interpersonal communications skills
  • Interviewing techniques
  • Team development skills
  • Project planning activities
  • Other Technical skills not in information security - such as programming languages and techniques
  • Accounting Courses

Involvement in activities involving hobbies or a second profession not related to the credential is not eligible for CPE credits. Examples of activities that do not qualify are attending association meetings as a member, not specifically related to your credential (i.e. Alumni Association meetings, PTA or a Photography club).

Please note:
The guidelines and the above charts provide examples of qualifying activities and are not intended to be a complete listing. These are guidelines only. Unless expressly prohibited, other activities related to the Group A domains and Group B categories may also qualify. As a professional who follows the (ISC)²® Code of Ethics, you are encouraged to use your best judgment within these guidelines and charts to determine your CPE credits for activities not listed above.

Source Code Security Analyzers - SAMATE

Wednesday, April 08, 2009