Get the best cybersecurity science, research, resources and insights to help secure and safeguard the digital world.
No Charge. No Spam. Unsubscribe Anytime.

Death, zombies and raging protocols

Death, zombies and raging protocols

SAML 2.0, despite all claims of death and zombie-ness by many identerati, celebrated its 10th birthday recently.

++ Shibboleth Identity Provider software has been updated to v3 - Webinar here, Slides here.

+++ An interesting bit is the incorporation of consent flows for attribute release and terms of use. The default flow appears to be a port of the SWITCH uApprove Consent module, which provides for release approve/deny at the attribute bundle level, but there is an enhanced mode that supports approve/deny at the individual attribute level.

It is great to see technical support for this type of granularity when it comes to attribute release consent. But with great power comes great responsibility - the challenge will be striking a balance between the data model of a person expected by the relying party, and the desire to provide release control at the individual attribute level.

Graphing identity and reputation

I've done a bit of work on attribute services and keep thinking that a payload based on a graph structure may be able to convey a richer set of information than a tree structure.

++ Scalability and usability are not the issue, as demonstrated by Facebook's graph API.

++ There is also XDI, which is a technology for distributed semantic data graphs, developed by the XDI Technical Committee at OASIS.

+++ XDI powers the Respect Network's platform

+++ XDI Demos and Screencasts

cyberforge: random and relevant

The Small Business Innovation Research (SBIR) program is all about Government pulling together three areas important to economic growth - basic research, small high tech firms and venture capital but with some unique and start-up friendly differences:

Government is not going to ask for equity in your company, and you get to keep your IP.

Funding up to $1.15M over a two year period.

++ Cyber Security SBIR opportunities with DHS Science & Technology Directorate's Cyber Security Division

+++ DHS S&T's National Conversation on Homeland Security Technology

++ NIST 2015 SBIR Grants to Fund Research in Manufacturing, Clean Energy, Cybersecurity and Bioscience


 Tweet  Share  Share  Share  Pin  Email


Get the best cybersecurity science, research, resources and insights to help secure and safeguard the digital world.
No Charge. No Spam. Unsubscribe Anytime.