SEARCH
0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
PARTS:
Part 20
Part 21
Part 22
Part 23
Part 24
Part 25
Prev | Current Page 469 | Next

Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

The .crd ?¬?le can be saved on the
user??™s desktop without any encryption or moved from one machine to another.
Furthermore, the uniqueness of a card is based on its card ID. If the possession
of a card is being used as part of an authentication mechanism, card IDs must
be generated in a way that makes it unpredictable and hard to guess.
That said, CardSpace supports multiple factor authentication without resorting
to the card itself as a factor. If a Managed Card is backed by a smartcard, and the
usage of smartcard itself is constrained by a PIN, succesfully employing the card
entails leveraging something you have (the smartcard) and something you know
(the PIN).
An IP has to think
carefully about the
information that
they possess
335
Understanding Your Data
A key factor for any IP is to build around the identity information
to which they have access. An IP should consider the data it has
in its possession and answer a few questions:
 What do I know?
An IP looking to discover value in their database of users
may ?¬?nd several types of information can provide value.
The easy ones are validated claims??”data that you have
previously veri?¬?ed in one way or another??”?¬?rst and last
names, email addresses, home addresses, birthdates, and
so forth.


Pages:
457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481
Beginners Guide to SQL Server Integration Services Using Visual Studio 2005 (page 117) Pro ASP.NET 3.5 Server Controls and AJAX Components (page 929) Practical Reporting with Ruby and Rails (page 128)