The recent tragedy in Tucson, AZ has gripped the nation in more ways than one. There are so many different story lines unfolding out of that single tragedy – about politics, about rhetoric, about immigration, about dreams. Significantly less visceral, but important from an identity management perspective is this avoidable but all too common story
I just got back from a trip, where I had the opportunity to visit a number of Oracle (including former Sun) IdM customers. During the trip I (quite unintentionally) got some insight into an area of enterprise identity management that I had not considered before – Identity Management for Visitors. Over the last few years
At OpenWorld today, Oracle announced the release of Oracle Security Governor for Healthcare, a unique and comprehensive security governance solution that helps healthcare organizations with proactive detection and prevention of security and privacy breaches (click here for the press release). Oracle Security Governor becomes the second product we have in the identity governance space, taking
Back in 2008, Microsoft acquired some innovative technology called U-Prove that promised to solve an age old privacy question: How can I disclose the minimal information that I need to for the purpose of an online transaction, without having to also disclose additional (sensitive) information to establish trust in that first set of data. U-Prove
After a good start to the conference, I went into day 2 thinking that there was going to be more opportunity for me to blog while in the session room because the content would be fairly familiar. But there were lots of good nuggets of information spread throughout the talks, enough to generate a generous
Privacy advocates have long been raising a hue and cry about the negative impact social networking sites are having on privacy. For the most part, the glare has been on the poor security practices and privacy controls of these sites. But now researchers at the University of Texas at Austin have brought to light a
Wednesday, January 28 is International Data Privacy Day, honoring the anniversary of the Council of Europe Convention on Data Protection (No. 108), the most important international law for privacy. The purpose of this convention is to secure in the territory of each Party for every individual, whatever his nationality or residence, respect for his rights
One of the online forums I participate in is commonly referred to as the Identity Gang (it is now part of identity commons). An interesting conversation took place last week on the topic of anonymity and privacy. The conversation did branch out a bit (as these conversations often do), but it did bring to the
In a recent blog post (E-Passports equals E-pportunity for Hackers?), I touched on the security and privacy issues arising from the use of RFID technology in the context on the new e-passports. Now Scientific Technology Options Assessment (STOA), an arm of the European Parliament, has released a report (RFID and Identity Management in Everyday Life)
Electronic passports are not only insecure, they can be used as tools to commit fraud and mischief. That is the contention of an RFID expert that has been investigating the new digital passports and passport readers that make up the next generation of our most definitive identifying document. Wired news covered Lukas Grunwald’s exposure of