SEARCH RESULTS
 
Showing 1-10 of 50 records
 
Expand article

Sun rebrands, releases Vaau roles management tools

2008-03-04 00:00:00 by John Fontana in Network World on Security
 
Sun Tuesday introduced Sun Roles Manager and positioned it as a key cog in its effort to extend its identity management platform so users can manage risk and meet compliance mandates
 
Tags: identity management platform, sun roles manager, sun tuesday, key cog, manage risk, compliance, extend, effort, users
 
 
 
 
Expand article

Rote Based Access Control

2008-05-09 13:25:26 by Gunnar Peterson in 1 Raindrop
 
...Roles are indeed in the domain of the identity weenie but alone, roles are nothing but a maintenance nightmare - they exist to be leveraged. Rules on the other hand, are the problem of the authorization weenie and are written (for example) as a WAM policy that says All Production Accountant Level II resources can access the accounting...
 
Tags: pamela dingle roles, roles, rbac introduces, collect roles, access, sharepoint instance, introduces, rbac, production accountant level
 
 
 
 
Expand article

Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security
 
...roles program management product management software development software test Why this way? Consider the first two. We don't have "project managers" at Microsoft because project management incorporates two conflicting goals: managing people, schedules, and budgets (program management) versus incorporating customer requirements and creating...
 
Tags: information, information assets, information security, alignment folk, security alignment folk, information security department, alignment, security department, security
 
 
 
 
Expand article

Walking with the SDL Part 2

2008-07-21 16:56:00 by sdl in The Security Development Lifecycle
 
...roles contributing to the development process. A key factor for building a development lifecycle is educating your individual contributors on the value of investing in security. Of course changing culture takes time, but using the opportunity of structured training to explain your principles will be one of your most effective platforms for...
 
Tags: define security requirements, security requirements, requirements, security, security development lifecycle, development lifecycle, security pulse, perform security analysis, principles
 
 
 
 
Expand article

PrincipalPermissionAttribute and Static ctor Leads to DoS

2007-12-03 09:03:00 by Keith Brown in Security Briefs
 
...roles = { "SuperUser Thread.CurrentPrincipal = new GenericPrincipal new GenericIdentity("Alice"), roles Here's the output of the above program, exactly as written. Notice that the call order is such that the privileged user accesses the protected class first, so things work as you'd expect Inside static constructor Alice OK Bob failed due...
 
Tags: class sensitive, sensitive, class, class level, static constructor, inside static constructor, class program, static constructor leads, static void
 
 
 
 
Expand article

N-DEx National Intelligence System

2008-03-31 06:13:30 by schneier in Schneier on Security
 
...roles that private companies play in homeland security and counterterrorism efforts. They also underscore how the use of new data -- and data surveillance -- technology to fight crime and terrorism is evolving faster than the public's understanding or the laws intended to check government power and protect civil liberties, authorities said...
 
Tags: intelligence, police systems, police, authorities, surveillance authorities, local police, law enforcement, federal law enforcement, intelligence analysts
 
 
 
 
Expand article

Our Inherent Capability for Evil

2008-04-16 06:40:29 by schneier in Schneier on Security
 
...roles as either prisoners or guards Zimbardo's volunteers were bright, liberal young men of good character, brimming with opposition to the Vietnam war and authority in general. All expressed a preference to be prisoners, a role they could relate to better. Yet within days the strong, rebellious "prisoners" had become depressed and hopeless....
 
Tags: prisoners, fellow prisoners, zimbardo, tells zimbardo, dangerous prisoners, prisoners start, day, day sunday, previous day
 
 
 
 
Expand article

Defining Risk Management

2008-02-05 18:52:39 by Posted By: Paul Proctor, Research VP in IT Leaders - Security and Risk Management
 
...roles and responsibilities such as security, business continuity, privacy and many operations functions. In some cases, this is nothing more than a title change with no fundamental shift in methodology. This proliferation has led organizations to struggle at the top with clearly defining what enterprise risk management (ERM) means to their...
 
Tags: risk management, risk, enterprise risk management, led organizations, led, organizations, risk measurement, traditional, traditional operational roles
 
 
 
 
Expand article

The Growing Security Skills Shortage

The Article has images
2008-08-19 09:02:06 by Jonathan Penn in Security & Risk Management
...roles, Forrester analysts came to the conclusion that information security experts are among the hottest roles in IT , sharing the top spot with information/data architects The skills shortage is likely to get worse before it gets better. Were unlikely to see a significant spike in security experts salaries to attract those we need to hire:...
 
Tags: security, senior security personnel, security clients, security experts salaries, skills shortage, shortage, information security experts, skills, security personnel
 
 
 
 
Expand article

Making role management work for the enterprise

2008-09-17 00:00:00 by HASH0x8b49324 in Network World on Security