Top Flaws in Distributed Authentication Systems and how they are Attacked, High Tech, Page 32

Top Flaws in Distributed Authentication Systems and how they are Attacked

Share  Email
  Page: 32
See entire paper: http://electronics.wesrch.com/pdfEL11TZ3XNMONP
Page URL: http://electronics.wesrch.com/32-pdfEL11TZ3XNMONP
Note : Best viewed in FF3 or above, IE7 or above
Page(s): 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 
Page content:

“Identity Partners” are too trusted.
 If Airforce.mil wants to trust Boeing.com to assert
identities to authorize document access…

 It better be sure that Boeing.com can't assert
@airforce.mil addresses.
 Or @airbus.com addresses, either!

 Often not well accounted for in doc/config options

 Especially problematic for server identities.
 Can Boeing tell “general@airforce.mil” which server is
“fileshare.airforce.mil”? Or just “fileshare”?

Insert presenter logo
here on slide master.
See hidden slide 2 for
directions

 
 
Subscribe
x