Identity
ID Assurance Potential participants
<a href="http://ad.doubleclick.net/adj/ttm.xml/art;tn=3;tw=300;th=55;to=h;tcs=0;tcp=0;ta=center;tva=bottom;tc=ffffff;tnm=3;te=1;sz=100x50;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/adj/ttm.xml/art;tn=3;tw=300;th=55;to=h;tcs=0;tcp=0;ta=center;tva=bottom;tc=ffffff;tnm=3;te=1;sz=100x50;ord=123456789?" width="100" height="50" border="0" alt="" /></a> April 17, 2002 Overview The widespread uptake of e-commerce has been stalled as much by the inability of businesses to guarantee the privacy preferences of their customers for the personal data entrusted to them as by any other single factor.
Privacy and XML, Part I
Open source password manager gets two-factor authentication
Posted on 14 February 2012. Yubico announced a successful implementation of YubiKey two-factor authentication with the free, open source password manager software Password Safe. The joint solution offers Windows users an easy and affordable way to manage and secure their Internet passwords from their own computer. "The combination of Password Safe's proven Open Source approach to secure password management with Yubico's secure and elegant hardware authentication token provides users with the best of both worlds: independently verifiable two-factor security and ease-of use,” said Rony Shapiro, project manager for Password Safe.
Takeaway: Vincent Danen details the steps of setting up Google two-factor authentication for SSH. When Google introduced two-factor authentication for the Google and Google Apps accounts, they also created a pluggable authentication module (PAM) for Linux. This is great news for people running Linux servers who want to protect their remotely-accessible SSH accounts with two-factor authentication. For free.
Two-factor SSH authentication via Google secures Linux logins
Open Source Two-factor authentication: The WiKID Community Edition — Rhymes with Wicked
About the Community Version The WiKID Community Version is a free-as-in-speech two-factor authentication system. We have included every piece of the WiKID code, except code we licensed from 3rd parties. You can read more about the differences between the Community and Enterprise versions here. If you have questions or need support, please post them on the Nabble Forums. The Community Edition can be downloaded from the Sourceforge Site .
GrIDsure
GrIDsure was a personal identification system which extends the standard ‘shared-secret’ authentication model to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. It was invented by Jonathan Craymer and Stephen Howes in November 2005. It has received positive media reception. [ 1 ] [ 2 ] [ 3 ] GrIDsure went into liquidation in October 2011 after investor funding dried up. [ 4 ] On the 18th of November 2011 Cryptocard announced it has acquired the intellectual property of GrIDsure which includes 8 patents that have been granted and a further 16 pending. Cryptocard was already a GrIDsure OEM partner and uses the product in their portfolio.
OAuth
OAuth is an open standard for authorization . OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections. OAuth is a service that is complementary to, and therefore distinct from, OpenID . [ edit ] History OAuth began in November 2006 when Blaine Cook was developing the Twitter OpenID implementation.
Security Assertion Markup Language
Security Assertion Markup Language ( SAML , pronounced "sam-el" [ 1 ] ) is an XML -based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider . SAML is a product of the OASIS Security Services Technical Committee. SAML dates from 2001; the most recent update of SAML is from 2005. The single most important problem that SAML addresses is the web browser single sign-on (SSO) problem. Single sign-on solutions are abundant at the intranet level (using cookies , for example) but extending these solutions beyond the intranet has been problematic and has led to the proliferation of non-interoperable proprietary technologies.
Identity management
IdM, Access and Identity Management and Identity and Access Management redirects here. Identity management (IdM) describes the management of individual identifiers , their authentication, authorization , [ 1 ] and privileges within or across system and enterprise boundaries [ 2 ] with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. [ 3 ] "Identity Management" and "Access and Identity Management" (or AIM) are used interchangeably in the area of Identity access management while identity management itself falls under the umbrella of IT Security . [ 4 ] Identity management systems , products, applications and platforms manage identifying and ancillary data about entities that include individuals, computer-related hardware and applications.