A new HP Labs technical report (called “Assurance for Federated Identity Management” - revisiting and extending a previous one, on the same topic), has been published:
"Federated Identity Management is an emerging paradigm that is rightly getting a lot of standardization and research attention. One aspect that is not receiving enough attention is assurance. Given the challenges enterprises faced trying to demonstrate appropriate control of their internal and monolithic identity management systems, the problem of how to provide assurance to multiple stakeholders that controls, operations and technologies that cut across organisational boundaries, are appropriately mitigating risk, looks daunting. The paper provides an exposition of the assurance process, how it applies to identity management and particularly to federated identity management. Our contribution is to show technology can be used to overcome many of trust, transparency and information reconciliation problems. Specifically we show how declarative assurance models can orchestrate and automate much of the assurance work, how certain enforcement technologies can radically improve identity assurance, and how an assurance framework can provide a basis for judging the assurance value of security technologies."
HPL Authors: Baldwin, Adrian; Casassa Mont, Marco; Beres, Yolanda; Shiu, Simon
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment