-
Royal Holloway 2012: Designing a secure contactless payment system
In his Royal Holloway thesis, Albert Attard proposes a contactless payment system to make card-not-present credit card transactions more secure. Feature
-
IT in Europe, Security Edition: Password security standards and trends
Passwords have long been a security problem. This IT in Europe: Security Edition looks at password trends and alternative forms of authentication. Learning Guide
-
Alternatives to passwords: Replacing the ubiquitous authenticator
As the relative security of passwords falters, are they destined for obscurity? Feature
-
IT in Europe: Information Security Edition e-zine
e-zine
-
2009 Royal Holloway University of London MSc thesis series
Read a group of information security articles -- from the highly technical to the basic -- authored by recent MSc graduates of Royal Holloway University of London (RHUL). Royal Holloway eBook Seri
-
Enhanced Identity and Access Management
From consolidating directories to automating provisioning and rolling out single sign-on, these sessions identify how leading organizations are strengthening authorization and enforcing access controls. Session Downloads
-
Risk-based authentication
The concept of risk-based authentication is becoming popular for some online business-to-consumer transactions, particularly those conducted with banks and other financial services firms. Information Security maga
-
Authenticating Windows
Three options for Windows authentication with eSSO clients. Information Security maga
-
Information Security Quizzes
Test your knowledge of everything security, from network security to regulatory compliance, with our collection of quizzes. Security Quiz
-
XML Security Learning Guide
Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure. Learning Guide
- See more Essential Knowledge on Secure User Authentication and Authorization
-
SOCA shuts down network of CVV sellers' carder sites
The Serious Organised Crime Agency shut down 36 CVV sellers who were selling stolen credit card and banking credentials to buyers around the world. News | 27 Apr 2012
-
Verizon data breach report highlights continuing POS vulnerabilities
Improperly secured point-of-sale systems continue to offer an easy target to cybercriminals according to the 2012 data breach report from Verizon. News | 22 Mar 2012
-
Taking control of smartphone proliferation while avoiding user anarchy
With smartphone proliferation raging through companies, IT teams are turning to MDMs to keep corporate data safe. Are current MDMs up to the task? Feature | 14 Mar 2012
-
Windows security case study: Controlling Windows 7 user privileges
After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges. News | 24 Feb 2012
-
Jericho founder: Get involved in plan for protecting identity online
Respected identity expert Paul Simmonds says the NSTIC's identity project needs European involvement, or it may not meet Europe's needs. News | 13 Jan 2012
-
Is it the end of the line for antivirus signatures?
Traditional antimalware can't keep up with the threat landscape. Are antivirus signatures destined for the rubbish bin? News | 29 Dec 2011
-
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. News | 29 Dec 2011
-
Industry groups offer conflicting options for protecting identity online
The Jericho Forum is promoting its strategy for protecting identity online, claiming its approach is superior to the NSTIC or vendors. News | 21 Dec 2011
-
Web inventor Tim Berners-Lee on vision for the future of IT security
Web inventor Tim Berners-Lee told RSA Europe attendees the future of IT security must include greater simplicity for users. News | 14 Oct 2011
-
RSA Europe Conference 2011: Nation state groups behind RSA attack
RSA revealed a “nation state” was behind the SecurID attack in March. Twitter and Facebook are still banned at RSA. News | 13 Oct 2011
- See more News on Secure User Authentication and Authorization
-
Securing NoSQL applications: Best practises for big data security
NoSQL is great for big data, but security is often lacking in NoSQL applications. Davey Winder provides best practises for NoSQL security. Tip
-
Password security best practices: Change passwords to passphrases
Making passwords more complex hasn’t stopped hackers. Learn why passphrases are better, and surprisingly easy for users to remember. Tip
-
A compliance strategy for the controversial cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation. Tip
-
Assessing home offices for compliance with security teleworking policy
Get advice on how to assess employees' home offices for security and policy compliance. Tip
-
A pen tester’s perspective on creating a secure password
A pen tester explains the importance of creating a secure password. Tip
-
How to prevent unauthorised personnel from hacking voicemail
Keeping attackers out of sensitive corporate voicemails can be as easy as updating PIN policies. Tip
-
RSA Europe 2011: IT security conference coverage
All the news from RSA Europe 2011. Read news, features, tips and blogs from the London based IT security conference. Tip
-
Website secure login: Alternatives to out-of-wallet questions
Learn about alternatives to static knowledge-based authentication and out-of-wallet questions for secure website logins in this tip. Tip
-
Online authentication methods: Personal information cards and Web SSO
Learn more about information cards authentication and how it can help lock down online authentication at your organisation. Tip
-
RFID projects: Implementation considerations, RFID security concerns
RFID projects can aid organisations in many ways, including improving physical security. Learn more in this tip from Michael Cobb. Tip
- See more Tips on Secure User Authentication and Authorization
-
Techniques for preventing a brute force login attack
A brute force login attack can enable an attacker to log in to an application and steal data. Rob Shapland explains how to prevent brute force attacks. Answer
-
Forced browsing: Understanding and halting simple browser attacks
Forced browsing is when an attacker discovers the URL of a restricted webpage. Expert Rob Shapland explains how to halt this browser attack method. Ask the Expert
-
Pros and cons of touch-gesture recognition authentication
Touch-gesture recognition is an alternative authentication system for Windows 8 mobile devices. Expert Davey Winder examines the pros and cons. Answer
-
How effective are password hack tools?
Richard Brain, our resident application and platform security expert, explains why strengthening a password is so important. Ask the Expert
-
Should PKI systems be used for laptop encryption?
In this expert response, Joel Dubin discusses the pros and cons of using PKI systems for laptop encryption. Ask the Expert
-
What type of protections should security question and answer authentication credentials have?
Identity management and access control expert Joel Dubin discusses how corporations can secure security question and answer authentication credentials. Ask the Expert
-
Traditional single sign-on (SSO) products versus federated identities
Identity management and access control expert Joel Dubin discusses the pros and cons of single sign-on products and federated identities. Ask the Expert
-
Best practices for deploying enterprise single sign-on (SSO)
In this expert response, Joel Dubin discusses some enterprise single sign-on (SSO) best practices and common obstacles. Ask the Expert
-
How do anonymous credentials and selective disclosure certificates affect enterprise IAM?
In this expert response, security pro Joel Dubin defines anonymous credentials and selective disclosure certificates, explains how they work and unveils how these two factors can affect enterprise IAM. Ask the Expert
-
Choosing from the top PKI products and vendors
In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI. Ask the Expert
- See more Expert Advice on Secure User Authentication and Authorization
-
Chip and PIN
Chip and PIN is a UK government-backed initiative to implement the EMV (short for Europay, Mastercard and Visa) standard for smart payment cards... (Continued) Definition
-
UK Identity Cards Act
The UK Identity Cards Act is a framework of enabling legislation for a British National Identity card passed in 2006. The Act has not yet gone into full-scale development or deployment... (Continued) Definition
About Secure User Authentication and Authorization
Get information on how basic, multifactor and two-factor authentication can enhance access management. You will also receive advice and information on how to secure user authentication and authorization and how to implement Web, password and user authentication.