
Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

This enables you to look up an
account based on claims presented from the user but
does not give the potential attacker information that can
be used to identify the user.
• Decouple PII when possible. Some information can be
stored without any personally identifiable link. Examine
data for potential places where knowing the person tied
to it is not necessary.
• Perform a security audit. Consult with security experts
and carry out an independent security audit of all aspects
of the system.
• Review the privacy policy. In cooperation with legal
counsel, review the policies and procedures regarding
collection, retention, and usage of any PII.
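
As an added illustration of the first item in the list above (not code from the book): a relying party can index accounts by a one-way hash of the claims the user presents, so the stored table carries no claim values. HMAC-SHA256 with a server-side key is the one-way function chosen here, so that guessable claim values cannot be tested against a copied table. The claim names, the key, and the `AccountStore` class are assumptions made for this example.

```python
import hashlib
import hmac

# Constructed server-side secret for the demo; in practice it is loaded from
# a secret store and never kept in the accounts database.
LOOKUP_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

# Hypothetical choice of identifying claims; the page does not name them.
ID_CLAIMS = ("issuer", "unique_id")


def account_handle(claims, key=LOOKUP_KEY):
    """Return a one-way handle derived from the identifying claims."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for name in ID_CLAIMS:
        value = claims[name].encode("utf-8")  # KeyError if a claim is missing
        # Length-prefix each value so ("ab", "c") and ("a", "bc") differ.
        mac.update(len(value).to_bytes(4, "big"))
        mac.update(value)
    return mac.hexdigest()


class AccountStore:
    """Account table keyed by handle; rows hold no claim values."""

    def __init__(self):
        self._rows = {}

    def register(self, claims, profile):
        handle = account_handle(claims)
        if handle in self._rows:
            raise ValueError("account already exists")
        self._rows[handle] = dict(profile)
        return handle

    def lookup(self, claims):
        return self._rows.get(account_handle(claims))

    def dump(self):
        """What someone who copies the table would see."""
        return dict(self._rows)


# Constructed sample claims, as presented by the user at sign-in.
ALICE = {"issuer": "https://idp.example", "unique_id": "card-7f3a",
         "email": "alice@example.com"}
```

Only the handle and non-identifying profile fields are stored; the e-mail claim in the sample is never written to the table.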
Customers increasingly want to know that their PII is treated
with respect and that their security and privacy are being handled
appropriately. Assessing the security and privacy policies of
partners and vendors is also quite important. Examining the data
being transmitted to other parties and ensuring that the privacy
and security of customers are being maintained can also limit
liability.

A one-way hash is an encoding that cannot be reversed.

Summary
Websites face increasing pressure from competition and deepening
responsibilities to their customers to provide better, faster,
more effective service.

