See
authentication
commenting on blogging
sites, 329
Completely Automated Public
Turing Test to Tell
Computers and Humans
Apart (CAPTCHA), 273
consent
assuming, 324-325
user control and
consent, 94-96
consistent experience across
contexts
CardSpace, 177-181
law of identity, 108-110,
129-130
consumers. See RPs (relying
parties)
contexts, consistent experience
across (law of identity),
108-110, 119, 129-130
control, user control and
consent, 94-96
corporate smartcards, 60-62
crackers
goals of, 6
overview, 5
script kiddies, 8
CRAs (credit-reporting agencies),
313, 317, 332
creating accounts, 288-291
credentials
blind credentials, 10, 31
transporting, 79-84
credit cards, 293-294, 311
credit histories, 28-29, 317
credit-reporting agencies (CRAs),
313, 317, 332
crime. See cybercrime
crossing trust boundaries,
324-325
cryptography
ciphertext, 39
definition, 36
digital signatures, 42-44
encryption
definition, 36
public key encryption,
39-41
symmetric encryption,
38-39
HTTP (HyperText Transfer
Protocol), 47-49
HTTPS
authentication and digital
identity, 52-57
overview, 49-52
identity propagation, 37
keys
asymmetric key
algorithms, 39-41
definition, 36
private keys, 41
PKI (Public Key
Infrastructure), 44-45
public keys, 41
overview, 36-38, 271
plaintext, 39
public key cryptography,
39-41
server authentication, 38
symmetrical key cryptography,
38-39
CSC (Card Security Code), 293
CSS (Cascading Style Sheets),
281-282
cybercrime
brute-force attacks, 39
crackers, 5-6
identity crime, 16
identity theft
credit histories, 28-29
definition, 16
dumpster divers, 29
The Identity Theft
Protection Guide, 29
information-entering
phase, 17-20
information-processing
phase, 24-26
information-storing phase,
24-26, 131
information-transfer
phase, 21-24
man-in-the-middle
attacks, 22-24
Social Security
Numbers, 28
law enforcement, 8
malware, 16-17
overview, 4-5
phishing
definition, 18
growth of, 19-20
step-by-step process, 18-19
targeted phishing, 19
piracy, 5
script kiddies, 8
spam, 14
SQL injection, 26
Trojan horses, 8
value of information available
online, 10-16
viruses, 7-9
worms
definition, 7
ILOVEYOU, 7-8
importance of, 9
motivation behind worm
creation, 9
D
databases, modifying to support
Information Cards, 276-277,
335-336
decoupling, 113
decrypting tokens
WCF (Windows
Communication
Foundation), 258-259
in websites, 238
department of motor vehicles
(DMV), 313
deployment scenarios
(CardSpace)
federation, 248-251
multiplayer games
getting browser tokens from
CardSpace, 267
getting CardSpace
tokens, 264-267
importing CardSpace
files, 264
opening CardSpace, 264
overview, 262-263
WCF (Windows
Communication
Foundation)
adding CardSpace
to, 255-256
calling CardSpace from,
256-258
claims processing, 260-261
overview, 252-255
policy options, 261-262
token decryption, 258-259
token verification, 260
websites
auditing and nonauditing
IPs, 246-247
dynamically setting site
requirements, 232
Information Card browser
extension, 224-231
logon process, 224
Managed Cards, accepting,
244-246
Personal Cards, accepting,
243-244
scripts, 232-243
digital certificates
certificate-based client
authentication
corporate smartcards
and intranet certificates,
60-62
eIDs (electronic IDs), 65-69
overview, 60
SSL (secure sockets
layer), 62-65
definition, 45
EV (Extended Validation)
certificate, 209, 271,
276, 341
intranet certificates, 60-62
migration issues, 320
root certificates, 45
soft certificates, 62
X.