Welcome to IDtrust XML.org.

This is the official community gathering place and information resource for identity and trusted infrastructure standards. The site is hosted by the OASIS IDtrust Member Section, a group that encourages new participation from developers and users. This is an open, vendor-neutral community-driven site, and the public is encouraged to contribute content. See more about this site.

Identity Thefts Traced to Graduate Healthcare

United Healthcare, the provider for UCI’s Graduate Student Health Insurance Program, admitted that it was the source of identity thefts of past and present UCI graduate and medical students on Wednesday, May 28.

Read more

BNY Mellon Will Spend Big on Breach

Got an extra $886 million in your budget this year? This was the “breach-of-the-week” story in late May, but the lost tape with 4.5 million names on it keeps getting more expensive for Bank of New York Mellon.

Read more

Security Firm Ask for Help Cracking Ransomware Key

New blackmailing Trojan encrypts files using high-grade 1024-bit RSA key. A security company on Friday asked for help cracking an encryption key central to an extortion scheme that demands money from users whose PCs have been infected by malware.

Kaspersky Lab, a Moscow-based antivirus firm, put out the call for assistance after it discovered a new variant of Gpcode, a Trojan horse that has been used in isolated "ransomware" attacks for the past two years.

Read more...

Read more

Citibank Hack Blamed for Alleged ATM Crime Spree

A computer intrusion into a Citibank server that processes ATM withdrawals led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines in February, pocketing at least $750,000 in cash, according to federal prosecutors.

The ATM crime spree is apparently the first to be publicly linked to the breach of a major U.S. bank's systems, experts say.

Read more...

Read more

SAML V2.0 Information Card Token Profile Scott Cantor (ed), OASIS Working Draft

A draft version of the "SAML V2.0 Information Card Token Profile" has been submitted to the OASIS Security Services (SAML) TC. "Microsoft has defined a set of profiles for acquring and delivering security tokens, collectively referred to as 'Information Card' technology. These profiles are agnostic with respect to the format and semantics of a security token, but interoperability between issuing and relying parties cannot be achieved without additional rules governing the creation and use of the tokens exchanged.

Read more... 

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I