Powered By InformationWeek Business Technology Network
 
Welcome Guest. | Log In | Register | Membership Benefits

Dark Reading's Authentication Tech Center is your portal to all the news, product information, technical data, and other information related to the topic of computer user authentication and certification.  Written for executives and businesspeople as well as security and IT professionals, the AuthenticationTech Center is a single community dedicated to a single idea: ensuring that computer users are who they say they are.

Breaking News

Researcher Cracks Google Wallet PIN
Fix for vulnerability could require banks to take over some of security responsibility

VeriSign Breach May Actually Reaffirm Commitment To CA Model
Proposals like DANE to roll up certificate issuance into DNS show that trusting domain registrars just as risky as trusting CAs

Google, Facebook, Bank Of America Behind New Email Security Standard
New specification for preventing phishing and email domain abuse likely to help email security, but will enterprises adopt it?

More Stories:

MORE NEWS >>>

By The Numbers


The Types of Characters Used In Passwords
A new survey by Bit Defender found that most users still do not use non-letter characters in their passwords.

Source: Bit Defender Password Survey 2010

Blog

Author Photo The Value Of Device Authentication
Posted by Taher Elgamal
January 30, 2012

'Fingerprinting' evolving to protect device IDs

read more >

Around The Web

APIGEE
OAuth For Your API
Advice and opinions about how OAuth can be used to improve the way applications and websites handle authentication, the differences between different flavors of OAuth and deployment considerations

INFOSECISLAND
Authentication: Who Are You And Why Are You Here?
A look at some of the biggest mistakes and best practices in identity and access management today

GUARDIAN.CO.UK
NHS Scotland Rolls Out Single Sign-On Solution
A medical system in Scotland is implementing a single sign-on system for access to patient systems, starting with its clinical applications for about 3,000 users

VENTUREBEAT
Centrify?s Single Sign-On Secures Servers, Scores $16 Million
Focusing on single sign-on for both on-premise and cloud servers, Sunnyvale, Calif.-based Centrify now has a VC total of up to $52 million

INFORMATIONWEEK
Cloud Identity Problems Solved By Federating Directories
Radiant Logic got into the cloud federated identity game with a new service that uses SAML 2.0 and brings together identities from databases, Web services, Active Dirctories, Sun and other LDAP directories

GIGAOM
Okta Unlocks Access To The Corporate Cloud
Startup of single sign-on solutions for web-based applications recently closed on $16.5 million in venture funding

INFORMATIONWEEK
Amazon Web Services Enables Private Cloud Connections
Amazon recently added the ability to federate identities in the cloud with support for Active Directories through its Identity and Access Management service

SEARCHORACLE.COM
Three Trends In Oracle Identity And Access Management
The shift to a platform- or service-centric focus, content-aware IAM and automated access request and access certification are all big factors in the way Oracle has changed its IAM product set

MORE >>>



Authentication Reports

report Will Smartcards Live Up to Their Name?
Recent compromises of smartcard data have exacerbated concerns about the technology?s privacy, security and standards (or lack thereof). Yet the promise of smartcards is too compelling to ignore. New technologies and applications prompt us to take a fresh look.

report Get The Best Of Biometrics
As data volume and sensitivity grow, companies cannot rely on password- and token-based authentication. Biometrics can be used to provide strong access control, but you must weigh added complexity and costs against assurance that users are who they say they are.

report Proof of Identity: How to Choose Multifactor Authentication
User names and passwords are no longer sufficient authentication. In a time when so much business depends on the Internet, security requirements and regulatory mandates are putting pressure on business to adopt strong, multifactor authentication methods. In this Tech Center report, we explain how to weigh cost vs. risk to select the Web authentication method for your high-risk applications.

Other reports from the Authentication Tech Center:

Related Content

Effective and Painless Multi-factor Authentication
When the information age was young, authentication was simple-assign the user a password. Today, user populations have expanded and users access numerous distinct systems with each system requiring credentials. That said, it is no surprise that users have reverted to tactics that invalidate the security strength of passwords. Yet, the use of passwords as the only means to certify a user's identity still remains prevalent among SMBs. There is a new, multi-factor authentication approach that strengthens identity authentication and does not introduce extra cost, user inconvenience, and administrative. This white paper describes why multi-factor authentication is rising in importance and reviews the pros and cons of different multi-factor authentication approaches.

Man-in-the-Browser Attacks Explained
Cybercriminals are using more advanced methods to target online users. One of the fastest growing threats today is the man-in-the-browser (MITB) Trojan attack - an attack designed to intercept data as it passes over a secure communication between a user and an online application. Propagation of man-in-the-browser attacks is being helped by spear phishing attacks, the popularity of social networking sites, and the increase in drive-by downloads. In the last year, there has been an exponential increase in the number of these attacks against financial institutions. This white paper introduces the MITB attack, explains the infection rate, features and functionality of the attack and provides advice on how financial institutions can mitigate the threat.

How to: Select the Best Authentication Solution for Your Business
With the number of new and emerging security products being denoted by analysts as the "silver bullet" solution, it is critical to recognize that there are many authentication choices available on the market. The Authentication Decision Tree is a comprehensive tool that helps organizations understand, evaluate and select the most appropriate authentication solution to meet the needs of their users and their business. This white paper provides an overview of the Authentication Decision Tree, examines the five factors critical to selecting an authentication solution, and offers a clear guide to selecting the right solution that effectively balances risk, cost and end user convenience.

Strong Authentication for SMBs
Small and mid-sized businesses authenticate their end-users primarily with passwords, in spite of the fact that passwords are less secure, inconvenient and more expensive then stronger forms of authentication. This white paper reveals recent research conducted by Aberdeen on the drivers, inhibitors and technology adoption trends among SMBs. Find out what authentication solutions are well-designed to address the needs of SMBs.

How to Make the Case for Strong Authentication
With today's threat landscape and the increased value placed on the information created and stored, systems that rely on static passwords for security are left vulnerable and at high risk of being breached. This paper examines the need for strong authentication and explores the return on investment in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.