Security Briefs - All Comments

re: CardSpace v2 moving into a new role?

keith-brown — Mon, 29 Jun 2009 13:40:52 GMT

For the latest drops, I'd follow the download link from the main Geneva page: www.microsoft.com/geneva

The client is called CardSpaceGeneva.

re: CardSpace v2 moving into a new role?

Matthew — Sun, 28 Jun 2009 13:13:54 GMT

Very interesting. I have been wondering where this was going for a while. Where is the new 'client' to be found? Windows 7 sport the same selector as far as I can see

re: Is the Identity Metasystem user centric or not?

Mike Pettit — Wed, 20 May 2009 14:17:45 GMT

My assumption about the user-at-the-center bit that KC's original post talked about requiring the user to be aware of what identities (and attributes) were being exposed to what relying parties and applications. On the Internet, only application specific identity services (Live services themselves, Facebook, LinkedIn, etc) provide granular, user-decided sharing choices. Even then, those are subject to the whim of changing corporate use policies over time. 3rd party identity systems are just too new in practice to provide for this in a way that application vendors are willing or able to incorporate into their technology and use policies.

So, going back to KC and CardSpace, a user might be expected to create multiple Windows Live ID's, one for each 'persona' the user might express on the Internet. The same could be said of creating multiple identities on each social networking site. Whether the browser-based login state mechanisms will get to the point of allowing different logins per-tab using the same identity provider or same application is another matter.

I have a feeling that just as any secure communications protocol beyond 1-way SSL has proven too complex for almost all Internet transactions, any use of 'claims' beyond login ID will take a long time to conceptually and practically take hold.

Today, the only interoperable, widely deployed option available to the user is PKI certificates. I simply acquire certificates representing my various 'personas', and each certificate carries only the attributes I'm willing to share under that persona. If I purchase them from a big enough vendor, they are even recognized by most potential services out there. Unfortunately, since PKI deployment/use on the Windows platform is only understood by a relative few, and securely getting my certificates sync'ed across my various devices is even less understood, nearly all application vendors looking to scale shy away from using client-certificate based identity solutions.

Are complex federation scenarios driving us away from user-centric identity?

Security Briefs — Tue, 19 May 2009 15:00:36 GMT

As I pointed out in my last post , in corporate federation scenarios, we don’t need to put the user at

Addressing data recovery in detail

Addressing data recovery in detail — Mon, 11 May 2009 13:07:07 GMT

Data recovery means you still have a chance to reclaim a lost or damaged file. Most data recovery products are easy to use and inexpensive. A data recovery agent can be contacted for in-lab service.

re: Is the Identity Metasystem user centric or not?

dominick — Fri, 08 May 2009 06:09:00 GMT

Well - when you look here:

docs.oasis-open.org/.../identity.html

The laws are not mentioned.

In my eyes the IMS is a guideline how to use existing technologies like WS-Trust and SAML to create interoperable environments (and btw WS-Fed is not part of that guideline).

The laws are something to keep in mind when implementing your" version" of your identity management system.

dom

Lost data file recovery

Lost data file recovery — Wed, 06 May 2009 11:03:14 GMT

If you don't know file recovery is divided into categories: deleted lost and damaged. Understand which one you face is the first step. Deciding which one to use is next. I'll show the different file recovery choices and method in recovering data.

File hard drive recovery software

File hard drive recovery software — Tue, 05 May 2009 13:28:00 GMT

It's often difficult to differentiate the capabilities of hard drive recovery specialists. Ask them to show you in their contract that they will not ship it to another company. That will delete ninety-five percent of all companies. Another quick test

Hard disk recovery information

Hard disk recovery information — Sat, 02 May 2009 22:09:26 GMT

Computer investigations and disk recovery is all that professional do. If you're looking for a reliable solution to get data salvaged then look for a company that does just those disciplines. They will also offer disk recovery software. Just this information

Data recovery service of a hard drive

Data recovery service of a hard drive — Sat, 25 Apr 2009 20:06:22 GMT

Who will you be hiring for your data recovery service? It's either the tech shop in the area or specialist. What's the difference? Well the data recovery service company specializes in just getting people files recovered and putting cyber-criminals in

Data recovery software tools

Data recovery software tools — Sat, 25 Apr 2009 19:07:31 GMT

While all the data recovery software are programmed to get files recovered there is a difference between many of them. This is a little technical but it state my point: data recovery software can reconstruct a file system that has been altered or that

re: Create self-signed X.509 certificates in a flash with Self-Cert

Rickard — Mon, 06 Apr 2009 09:42:04 GMT

Thank you

re: Using Remote Assistance behind a router

WORKASDATAENTRYATHOME — Fri, 03 Apr 2009 21:22:55 GMT

nice tips.! it worked for me.!

re: Is Intellisense for XAML broken for you in VS 2008?

Silencer — Fri, 03 Apr 2009 17:28:34 GMT

Great tip. I have the same problem. Other people suggested re-registering a dll, re-installing VS2008 :-(

But this simple trick just worked .

re: Welcome to the Identity and Access Management Developer Center!

starbros — Fri, 27 Mar 2009 22:10:23 GMT

msdn link is now broken