1.1 MB | 3 files | DOC, PDF
Remote commerce and personally identifiable data (PID) management requires a level of e-authentication that often goes well beyond the simple password. This research note looks at approaches that rely on users knowing "secrets."
Electronic authentication (E-authentication) is the process of establishing confidence in user identities electronically presented to an information system. E-authentication presents a technical challenge when this process involves the remote authentication of individual people over a network for the purposes of electronic government and commerce. This recommendation provides technical guidelines to agencies to allow an individual to remotely authenticate his or her identity to a Federal IT system. These guidelines address only traditional, widely implemented methods for remote authentication based on secrets. With these methods, the individual to be authenticated proves that he or she knows or possesses some secret information.
The attached Zip file includes:
In this excerpt from chapter 20, the author briefly discusses the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise. ... More >>
Approximate matching is a promising technology designed to identify similarities between two digital artifacts. This can be very useful for filtering data for security monitoring and digital forensics. ... More >>
Transport Layer Security (TLS) provides mechanisms to protect sensitive data during electronic dissemination across networks. ... More >>