I’ve always been interested in the human desire to belong to groups and how we adapt our appearance to show which ‘group’ we’re in. Even in our teenage years when many of us believe the way we dress is non-conformist in truth we’re aligning ourselves to a sub-group that exists out there.
A friend of mine in her first year at university always wore Levi 501s and walked to her English lectures with an Eighteenth century novel poking out of her right back pocket and a pack of Marlboro cigarettes in her left. The signals she hoped she gave off then make her cringe beyond belief today!
Because that’s what happens, the identity we choose to present to the outside world changes over time. Many of us become less concerned about rebelling, or we gain confidence about our identity and the way we choose to transmit it.
Read More »
Tags: appearances, diversity, groups, identity, inclusion
Organizations are faced with providing security for employees that are rapidly adopting new technology in their personal and professional lives and expect their work environments and employers to do the same. As the data from the new Cisco 2011 Annual Security Report and the Cisco Connected World Technology Report Chapter 3 show, organizations that do not or cannot provide that type of environment are at risk of losing the ability to compete for those employees and business opportunities. If employers attempt to block, deny, or forbid mobile devices, social networks, instant communications, and new technologies in the work place employees will likely ignore the policies or, even worse, find ways around them that open your environment to unrealized risks.
Read More »
Tags: 2011 annual security report, botnets, Cisco, cloud_computing, cyber security, DDoS, identity, malware, security, spam
I read an article recently discussing the advantages and disadvantages of smartcards. I know that there have been quite a few distributed, but it seems to me that the adoption rate and the length of time they have been available are a bit out of sync. I would have thought that we would have many more smartcards, used in more places, being as they werer actually invented in 1968, and were widely used in French pay phones starting in 1983.
Read More »
Tags: government, identity, logical security, physical security, retail, security, smartcards, Smartphones
In my last post on this topic, I highlighted just how true the words “Work is no longer a place you go, but what you do” really are. We now have the ability to work anytime, anywhere, using any device. As easy as this has made the lives of workers all over the world, it’s made the lives of security administrators immensely difficult. Providing secure access to the corporate network in a borderless world, while still somehow keeping out the bad stuff, has caused traditional security policies to become increasingly difficult to configure, manage, and troubleshoot – the source of inordinate amounts of pain for security administrators.
That’s why Cisco has introduced identity-based firewall security as a new capability of the ASA platform. As the first installation of what will soon become full context-aware security, identity-based firewall security enables security administrators to utilize the plain language names of users and groups in policy definitions. Rather than authoring and managing the growing list of IP addresses to cover every possible location, device, or protocol that may be required for secure access to the network, identity-based firewall security enables security administrators to grant access to “Jeff.” Regardless of where I am or what I’m using for access, I’m still Jeff… so in the simplest case, my administrator can literally write one policy to provide “Jeff” access to the corporate network, rather than six different IP addresses for all the instantiations of Jeff.
Read More »
Tags: ASA, borderless, firewall, identity, security
This is part of an ongoing series on the National Strategy for Trusted Identities in Cyberspace. The introduction to this series can be found here.
The National Strategy for Trusted Identities in Cyberspace (NSTIC) proposes a large ecosystem of identity providers, attribute providers, and relying parties that must establish trust with each other in various ways. NSTIC requires various types of trust within the identity ecosystem. These include:
- Users must trust that their Identity Provider will manage their credentials securely and in their best interest.
- Relying Parties must trust in the attributes provided by Attribute Providers.
- Relying Parties must trust Identity Providers to provide the requested strength of authentication and to manage credentials and attributes correctly.
The term “federated identity” is widely used to refer to identity systems that span multiple organizations, each of which maintains its own identity information. That arrangement is typically used between an enterprise and its business partners, such as contract manufacturers, channel partners, and consulting firms. Trust is established individually with each. A fully meshed federation of n participants would require n(n-1) such agreements, which does not scale well beyond small federations, especially considering that these agreements often take the form of contractual negotiation between each party.
Read More »
Tags: identity, NSTIC, NSTIC Series, security