The Internet of Things, as distinct from the internet of people, requires communication between devices which enable tracking, monitoring and metering etc... This intercommunication is dependent upon semantically structured and shared data for enabling functions such as identification, authentication, authorisation, bootstrapping and provisioning. Standardising both the semantically structured data and the enabling functions across M2M applications and… Continue reading Identity for the Internet of People
Category: SDLC
JSON Web Token (JWT) and JSON Object Signing and Encryption (JOSE)
This blog is part of a series comparing the implementation of identity management patterns in SAML and OpenID Connect: Identity Broker Service in OpenID Connect: Supporting Multiple Identity Providers & Service Providers Identity Broker Service in SAML OpenID Connect AuthN & AuthZ Comparison of OpenID Connect with OAuth2.0 & SAML2.0 Cross Domain Identity Patterns: Chained Federation & Service Broker JSON Web… Continue reading JSON Web Token (JWT) and JSON Object Signing and Encryption (JOSE)
Daft Punk’s Get Lucky & Authentication Systems
Is Daft Punk's Get Lucky a simile for a brute force attack? Is your authentication system vulnerable to this risk and its implication? Have you considered Risk Based Access Management systems and Password Management systems? Or have you considered not going to nightclubs that play Daft Punk?
Safe Harbour, Data Privacy and Scottish Independence
The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data is a European Union directive which regulates the processing of personal data within the European Union. The Criteria for Safe Harbour privacy are incorporated into the Directive… Continue reading Safe Harbour, Data Privacy and Scottish Independence
API Crazy 