Identity Protection Factor (IPF) - March 4-6, 2008 - Gaithersburg, MD

Since the dawn of computing, operating systems and applications have used many schemes to identify and authenticate entities accessing resources within computers. While the technologies and schemes have varied, there appears to have been little attempt to classify them based on their ability to resist attacks from unauthorized entities.

With the proliferation of identity management technologies in the market today, it is becoming increasingly difficult to assess and compare them with each other. As the threat level continues to rise on the internet, and regulations governing information technology continue to grow, risk managers need a more objective mechanism to assign risk to their systems so they may apply appropriate mitigating controls.

This paper attempts to describe a classification scheme that will permit the comparison of seemingly different identification and authentication (I&A) technologies on the basis of their vulnerability to attacks. With a better understanding of related authentication technologies, companies can determine the appropriate technology to use for mitigating authentication risks. 

About the Presenter

Arshad Noor is the Chief Technology Officer of StrongAuth, Inc., a Sunnyvale, California-based company that specializes in Enterprise Key Management, Identity Management and Compliance Work-flow Management.

He is the architect and lead developer of StrongKeyTM, an open-source implementation of a Symmetric Key Management System (SKMS), whose protocol is the basis for the Symmetric Key Services Markup Language (SKSML) standard being formalized by the OASIS EKMI Technical Committee; StrongAuth donated the SKSML protocol to OASIS on a royalty-free basis for the standardization effort.

Arshad is also the current Chair of the OASIS EKMI TC that currently has 28 members on its committee, including Visa, Wells Fargo, Red Hat, the US Dept. of Defense and many other companies and individuals in the security industry. He has spoken at many international conferences on EKMI, including the OASIS Adoption Forum 2007 in San Diego, ISSE/SECURE 2007 in Warsaw, Poland and the ISACA International Conference 2007 in Singapore.

Workshop logistics

Venue: Gaithersburg, MD
Date: March 4 - March 6, 2008
For more information: info(AT) Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I