IT Governance, Risk, and Compliance:

Identification

1

July 20, 2009  7:28 PM

Biometric Technology – Part IV



Posted by: Robert Davis
Access Controls, Authentication, Biometrics, Crackers, Hackers, IAP, Identification, Information Assets Protection, Information Security, Information Security Infrastructure Management, ISIM

Technology attacks and attendant security compromises are never easily managed. Parallel to the ingenuity of attackers and proportional to the value placed on entrusted information assets, effective security access controls are imperative. Given the current accuracy of automated user...

July 16, 2009  8:31 PM

Biometric Technology – Part III



Posted by: Robert Davis
Access Controls, Authentication, Biometrics, Crackers, Hackers, IAP, Identification, Information Assets Protection, Information Security, Information Security Infrastructure Management, ISIM

Through the identification or authentication process, decisions are made regarding access. Typically, biometric identification supports physical access controls, while biometric authentication...


July 13, 2009  6:25 PM

Biometric Technology – Part II



Posted by: Robert Davis
Access Controls, Authentication, Biometrics, Crackers, Hackers, IAP, Identification, Information Assets Protection, Information Security, Information Security Infrastructure Management, ISIM

Most information security practitioners accept biometrics as the science employing distinctive human attributes to discern access right validity. Specifically, imparting the Information Systems Audit and...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


March 16, 2009  7:01 PM

Physical Token Protection – Part IV



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

Regarding provisioning physical authentication mediums, an entity's deployed access control process should clearly define the way encoded identification is delivered to users -- within the context of promoting adequate confidentiality, integrity and availability. Specifically, the process to...


March 12, 2009  6:41 PM

Physical Token Protection – Part III



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

As a corollary requirement, when considering physical tokens, functionality is directly related to capabilities. Consequently, physical token appropriateness should be evaluated based on the set of attributes applicable to the existing set of activities and their specific properties. In other...


March 9, 2009  6:56 PM

Physical Token Protection – Part II



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Service Level Agreement, SLA, Token, Usability

Information asset usability implies availability to perform requested services as well as transparency. Determining physical token usability necessitates assessing relevant and pertinent services for the access process as well as secure user delivery in a timely, correct, and consistent manner....


March 6, 2009  7:50 PM

Physical Token Protection – Part I



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Token, Usability

Organizationally, information security normally is considered a program enabling and optimizing IT security services for the entity in order to satisfy business requirements, while simultaneously providing strategic and tactical IT security infrastructure management that complies with applicable...


February 5, 2009  9:38 PM

Access Control Convergence – Part 2



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Integrated policies improving access control are needed to increase safeguarding capabilities. Furthermore, due to technological and operational diversity, it is critical to have standard processes to control access that will permit economies of scale. Potential candidates for access control...


February 2, 2009  7:38 PM

Access Control Convergence – Part 1



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Computer technology continues to advance toward a tiered decentralized world of distributed platforms for entering, processing, and retrieving information. Technological implementations are diverse and complex; however, all IT deployments should be protected from unauthorized usage utilizing...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: