view counter

Security Feed

Oracle Security, Compliance, and Identity Management resources, news, and support articles.

OSSEC, the free and open source IDS

Intrusion detection software is meant to monitor network traffic or host activities for malicious actions, such as successful or unsuccessful intrusion attempts, hostile traffic (i.e., malicious scans and denials of service), unauthorized configuration changes, malware symptoms, and user policy violations. An intrusion detection system (IDS) typically can produce reports describing the details of the potentially […]

Beyond Attributes

In developing SCUID, we’ve been taking a very deep look at how the very nature of online identity (mostly enterprise identity, but a lot of it extends equally well to the broader definition of online identity) is changing in terms of how it is managed and what it needs to support. And in addition to my own recent work (that I’ve been documenting on this blog and in my various talks), there has been a lot of interesting discussion on some fundamental rethinking of the construct of identity.

New IETF SCIM drafts - Revision 03 Details

Yesterday, the IETF SCIM (System for Cross Domain Identity Management) Working Group published new draft specification revisions:

draft-ietf-scim-api-03
draft-ietf-scim-core-schema-03

This draft was essentially a clean-up of the specification text into IETF format as well as a series of clarifications and fixes that will greatly improve the maturity and interoperability of the SCIM drafts.

Introducing the “Talking Identity” Channel

So, this wasn’t planned. But Slideshare, where I have been posting all of my talks, announced that they are discontinuing their excellent Slidecast feature. I’ve relied on that feature almost exclusively over the last few years for posting my slides along with their accompanying audio. Most of my presentations are highly visual, featuring imagery, humor and diagrams that make almost no sense without the accompanying audio to provide context.

Double-blind Identity

Note: Cross-posted from the Oracle Fusion Blog.

On November 13 and 14, the Government of British Columbia, Canada, launched the first in a series of public consultations on identity and digital services. For several years now, BC has been working on a new identity services project that would enable citizens to securely access government services online. For BC, there is clear motivation:

Perform Web-based network queries with these sites

When you want to perform network queries for troubleshooting or data collecting purposes, the standard approach has been to launch a non-graphical command line interface (CLI) in Windows or a shell prompt (such as Bash) in Linux to display the input and output of the commands you use. While this practice is undoubtedly quick and […]

Perform Web-based network queries with these sites

When you want to perform network queries for troubleshooting or data collecting purposes, the standard approach has been to launch a non-graphical command line interface (CLI) in Windows or a shell prompt (such as Bash) in Linux to display the input and output of the commands you use. While this practice is undoubtedly quick and […]

Using TrueCrypt on Linux and Windows

Update: the TrueCrypt project unexpectedly shut down on 28 May 2014. A mirrored copy of TrueCrypt.org is available on Andryou.com. The home page of the next incarnation of TrueCrypt is TrueCrypt.ch. After numerous revelations this year of the National Security Agency’s (NSA) frightening capabilities of mass spying on phone calls and Internet traffic (see, for […]

Using TrueCrypt on Linux and Windows

Update: the TrueCrypt project unexpectedly shut down on 28 May 2014. A mirrored copy of TrueCrypt.org is available on Andryou.com. The home page of the next incarnation of TrueCrypt is TrueCrypt.ch. After numerous revelations this year of the National Security Agency’s (NSA) frightening capabilities of mass spying on phone calls and Internet traffic (see, for […]

view counter