Web Authentication and Access Control

  • July 29, 2009 29 Jul'09

    Kaminsky reveals key flaws in X.509 SSL certificates at Black Hat

    Researcher Dan Kaminsky returned to Black Hat with new research on X.509 certificates, explaining an attack method that could enable malicious hackers to spoof legitimate SSL certificates..

  • September 30, 2008 30 Sep'08

    Sun launches open source OpenSSO for identity management

    Sun integrates access management, federation and secure Web services in its new OpenSSO Enterprise

  • April 02, 2008 02 Apr'08

    Video: Changes ahead for MIT Kerberos Consortium

    MIT's Kerberos Consortium members discuss the evolution of Kerberos, changes ahead for the widly used authentication platform and the issues that threaten its future.

  • April 02, 2008 02 Apr'08

    Kerberos security evolves for B2B, mobile tech

    Kerberos is a dominant authentication protocol, embedded in Windows, Solaris and multiple Linux flavors. But with new threats and new technology, an upgrade is in order.

  • April 02, 2008 02 Apr'08

    Kerberos: Authentication with some drawbacks

    Kerberos is one of the most-widely used authentication methods today, but experts explain that it comes with some weaknesses.

  • March 04, 2008 04 Mar'08

    Sun shifts strategy with GRC push

    Sun Microsystems is making a move into the governance, risk and compliance market, ramping up the competition against Oracle, IBM, CA and others.

  • July 25, 2007 25 Jul'07

    Researchers expose Ajax programming dangers

    Two security engineers from SPI Dynamics comb resources on the Net to build an Ajax application from scratch; the final product is rife with problems.

  • July 25, 2007 25 Jul'07

    Black Hat 2007: More on the dangers of Ajax

    One of the presenters at this year's Black Hat USA 2007 conference in Las Vegas is Billy Hoffman, a researcher with SPI Dynamics. Hoffman made headlines at last year's conference with a series of presentations on application security, particularly ...

  • July 12, 2007 12 Jul'07

    Web security gateways meet rising malware threats

    Web security gateways combine layered defense against the rising tide of Web-based malware with URL filtering and application control.

  • June 14, 2007 14 Jun'07

    Web applications tangle security researchers, attract attackers

    Web application security researchers are finding that some of their work could land them on the wrong side of the law. As a result, Web applications are more vulnerable to attack.

  • May 22, 2007 22 May'07

    Database authentication, encryption getting priority in some businesses

    While more organizations are seeking database authentication and encryption technologies, others are turning to database monitoring to secure data.

  • February 05, 2007 05 Feb'07

    Pitfalls aplenty going SOA

    Service-oriented architectures may improve the standardization and efficiency of your business -- often at the expense of security. Michael S. Mimoso investigates the security features that vendors are adding to their Web services and SOA products.

  • January 26, 2007 26 Jan'07

    IBM tool makes online purchases anonymous

    A new tool makes online purchases anonymous by using artificial identity information. Experts say enterprises need to adopt the technology before it can become a viable option.

  • September 06, 2006 06 Sep'06

    ControlGuard targets rogue devices

    ControlGuard Access Manager is an effective tool for controlling what devices users can add to their workstations and how they are used.

  • July 26, 2006 26 Jul'06

    Employee monitoring should be done with care

    Employee monitoring is on the rise as organizations try to safeguard their sensitive information and increase productivity. However, one security expert says there are several important questions to ask before implementing an employee monitoring ...