About the SummitProgramWorkshopsSolutions CenterEventsnav-buttons-a_06_4_2

 

Any intelligent fool can make things bigger and more complex... It takes a touch of genius and a lot of courage to move in the opposite direction.

-- Einstein

 


Sponsors

Workshop Sponsor

Google logo

Solution Sponsor

Ping Identity logo

Innotribe logo

Radiant-Logic-Logo


Become a Sponsor

Mailing List
shim

Twitter logo
#CIS2012

Featured Speakers

Bob Blakley
Bob Blakley, Distinguished Analyst

Patrick Harding
Patrick Harding, CTO

Daniel Headrick
Daniel Headrick, Senior Enterprise Security Architect

Chuck Mortimore
Chuck Mortimore, PM Director for Identity and Security

Peter-Vanderauwera
Peter Vanderauwera, Innovation Leader

Communities Welcome!

  • OIDF
  • OIX
  • OASIS SPML
  • OASIS XACML
  • OASIS KMIP
  • OASIS SSTC
  • OASIS WS-Federation
  • OASIS WS-SX (WS-Trust)
  • OASIS Identity in the Cloud
  • OAuth IETF
  • Kantara
  • Shibboleth
  • OpenSAML
  • Cloud Security Alliance
  • TV Everywhere - OATC & OLCA
  • SCIM

Cloud Identity: Are we doing better than passwords yet?

Brad Hill

Single sign on and cloud identity technologies are improving user experiences and increasing the velocity of personal data around the web. But are we deluding ourselves and our users that all these new “tokens” provide any better security than the passwords and credit card numbers they’re supposed to replace? All too often they don’t, and authentication protocols from 2010 are providing less cryptographic assurance than those from 1978. What risks are we are still leaving unmanaged, and how can we do better?