manage privileged accounts or privileges themselves?
Interesting article on privileged account management at SC magazine. whenever i read about this i can’t help thinking there’s a problem with the model. i think of it like a house. and password vaults,...
View ArticleThe coolest stuff i saw at RSA
The coolest stuff I saw on the show floor at RSA: 1. Validus had an OTP card with a biometric built in all in the credit card form factor (http://validustech.com/index.cfm) 2. Aveksa, hiding out in the...
View Articleentitlements and access – separate but equal?
So I’ve finally had the time to digest a lot of the materials and notes I collected at catalyst 2009. Though the identity track had a lot of content around many topics, there was one theme I kept...
View ArticleRBAC and ABAC and Roles, oh my.
So I missed the Kuppinger Cole webinar with Felix Gaehtgens on ABAC, but I read the materials and the Q&A was really good. What it got me thinking was that there may not be enough good stuff in the...
View ArticleAccess Certification CBT/video for non-IT folks
I’m always in catch up mode with my reading. I finally got to Ian Glazer’s “Access Certification and Entitlement Management” on a plane to California. If you are in the market for access certification,...
View Article#eic10 part 2: lacking policy, lagging XACML, authZ not so externalized
I’m not sure why, but the theme for me at EIC10 was policy. It wasn’t that the sessions or discussions were intent on going there. If anything, it was quite the opposite. I sat in on one of the...
View Articlean identity schema: less is more
My degree is in philosophy; specifically I studied what would be called cognitive science or philosophy of mind. I still read papers and articles about the field occasionally as they come to my...
View ArticlePolicy Translation – The Art of Access Control Transcends RBAC, ABAC, etc.
After some holidays, lots of internal meetings, and some insane travel schedules, things are settling back down this week just in time for me to head to TEC. So I can get back to spending time with...
View Article“Security” is still seen as reactive controls & ignores IAM
There was an excellent article at Dark Reading the other day about data leaks focusing on insider threats. It did all the right things by pointing out “insiders have access to critical company...
View Article
More Pages to Explore .....