When PKI is mentioned there are three terms that often come to mind: complicated, expensive and secure. The past few years have seen PKI deployments become simpler and more affordable but at the same time the security has become more questionable. Mark Yakabuski, vice president of HSM Product Management at SafeNet, talks about how PKI on its own is not good enough to secure computer networks and why a layered approach is necessary, including hardware security modules. "PKI is based in software. ...
Sep 22, 2011•9 min
Google+ wants members to use their real names. But for some pseudonyms may be more identifying than real names. Kaliya Hamlin, or Identity Woman, is one of these people but when she tried to use this moniker on the site she was suspended. Hamlin, who along with others runs the Internet Identity Workshop, tells the tale of identity with Google+ and why pseudonyms are an important part of the Internet.
Sep 15, 2011•21 min
The American Bar Association's Identity Management Legal Task Force and the Transglobal Secure Collaboration Project (TSCP) held a joint meeting to discuss ID management issues. Much of the discussion focused on liability, contracts and how an ID system should be structured. Tom Smedinghoff, a partner at Wildman Harrold and chairman of the ABA Task Force fills listeners in on the meeting and whether it will impact the National Strategy for Trusted Identities in Cyberspace.
Aug 15, 2011•8 min
The UK is considering enabling citizens to use a Facebook ID for access to government services. Tom Smedinghoff, a partner at Wildman Harrold and chairman of an American Bar Association Task Force fills listeners in on how this would work and whether it may happen in the U.S. with all the discussion around online identities.
Aug 03, 2011•11 min
There are roughly a dozen bills in Congress that cover some aspect of citizen's privacy. Chris Wilson, director and counsel for E-Commerce and Telecommunications at TechAmerica, fill listeners in on the latest in possible privacy legislation along with predictions on what may happen with some of the bills.
Jul 28, 2011•12 min
Some may consider Kenneth Weiss the godfather of two-factor identification. The founder of Universal Secure Registry and developer of token-based authentication technology has since moved on to other security technology that uses voice biometrics and the mobile phone. The new system would identify a user by their voice, a PIN and a randomly generated number that would be attributed to him for specific uses upon the initial two-factor authentication. Weiss also calls out RSA for the SecurID data ...
Jul 13, 2011•17 min
Google is first out of the gate with details on it near field communication system, not only enabling payments but loyalty and marketing as well. Howard Wilcox, senior analyst at Juniper Research, details the announcement’s significance, what the tech giant should watch out for, along with Juniper’s predictions for the NFC market.
Jun 14, 2011•12 min
News around near field communication is constant these days with much of the focus around payments. But eventually the mobile device may replace keys as well as payment cards. Regarding ID's Gina Jordan speaks with Daniel Berg, vice president and general manager at ASSA ABLOY Mobile Keys about using the mobile phone as a physical access control token.
May 31, 2011•8 min
Feedback on the National Strategy for Trusted Identities in Cyberspace has been solid, explains Jeremy Grant, senior executive adviser and manager of the National Program Office for the NSTIC. He shares his thoughts on the public response, highlights immediate goals and addresses criticism of the current strategy.
May 05, 2011•11 min
The National Strategy for Trusted Identities in Cyberspace has lofty goals but as always the devil is in the details. If implemented correctly the strategy is a good thing, though this won't be easy. "It is a utopian document," says Aaron Titus, chief privacy officer and vice president of business development at Identity Finder. "Hating NSTIC, in it's current form, is like hating puppies and rainbows because it just about says anything that anyone would want. My concern is in the implementation,...
Apr 27, 2011•18 min
The National Strategy for Trusted Identities in Cyberspace has been released and there are some differing opinions on whether it's a good or a bad thing. In the first in a series of podcasts exploring the strategy, Jim Harper, director of Information Policy Studies at the Cato Institute, doesn't think it's a good idea. The author of "Identity Crisis: How Identification Is Overused and Misunderstood" says that any online identity scheme needs to come from the private sector with no government inv...
Apr 22, 2011•10 min
The Southeastern Pennsylvania Transportation Authority still uses tokens and paper transfers. The transit system that serves 1 million commuters daily will be making the switch to contactless smart cards and even near field communication in the coming years, Richard Maloney, SEPTA's director of public affairs, told Regarding ID's Gina Jordan. "For the riders, they will be able to use either a SEPTA card, which they can purchase, they'll be able to use their cell phones or building ID cards or th...
Apr 11, 2011•5 min
Securing online identities is a hot topic. Gemalto and Microsoft Corp. have partnered to bring a product to market combing smart cards with cryptography to enhance privacy and trust. Gemalto's James McLaughlin discusses the partnership with Microsoft and how it may change the way people identify themselves online. "It allows a person a way to present the claims about themselves to someone else or something else, a service for instance, and do that in a way that's secure and allows them to contro...
Mar 21, 2011•6 min
In the latest edition of the Regarding ID podcast, Anna Fernezian, program manager for identity and assurance at CSC, fills listeners in on PIV-I, the smart card specification that can be used by non-federal issuers to create highly-secure credentials. Fernezian talks about the specification and why it's important as well as the role it may play with future credentialing projects.
Mar 09, 2011•9 min
Ely Kahn was a member of the White House National Security Staff when the idea of creating a a more secure identity management system for the Internet was formed. This eventually turned into the National Strategy for Trusted Identities in Cyberspace, or NSTIC. Khan talks about where NSTIC came from and the process that went into creating the strategy.
Mar 03, 2011•11 min
Shared secrets, such as your first pet's name or a high school mascot, are a common way to retrieve passwords and reset accounts. With the explosion of social networking these secrets are easier for fraudster's to find. To combat these problems IDology has developed a knowledge-based authentication solution that uses a company's data on an individual to create questions. Regarding ID's Gina Jordan spoke with John Dancu, CEO at IDology, about his company's new product.
Feb 14, 2011•9 min
The first in a series of podcasts discussing the National Strategy for Trusted Identities in Cyberspace, or NSTIC. Jim Dempsey, vice president for public policy at the Center for Democracy and Technology, gives his take on the strategy along with what some possible obstacles may be for the government and private sector.
Jan 13, 2011•16 min
Standards for proofing and vetting an identity vary by different jurisdictions. With many different project underway designed to offer individuals a better way to assert an identity there are also efforts to standardize how it is proofed and vetted. Dan Combs, CEO at the eCitizen Foundation and Member of the Harvard Policy Group-Leadership for a Networked World, is leading the current drafting work that may lead to a U.S. standard for identity proofing and vetting. In this edition of the Regardi...
Dec 14, 2010•11 min
The U.S. Department of Defense has one of the largest Public Key Infrastructures in the world. Getting to that point wasn’t necessarily easy, says Scott Jack, director of identity assurance for DOD PKI. Jack spoke about the role PKI plays with the Defense Department credential and how it may be used in the future, including form factors other than smart cards.
Nov 09, 2010•16 min
The U.S. Department of Defense Common Access Card celebrated 10 years in October. As the forerunner to U.S. government smart card programs, many would say it set the stage for HSPD-12 and what is now the PIV credential that many government employees are carrying. Mike Butler, deputy director of the Defense Manpower Data Center for identity and personal assurance at the Defense Department spoke with Regarding ID's Zack Martin and Gina Jordan about the program's history and future.
Nov 01, 2010•12 min
PhoneFactor CTO Steve Dispensa and Sarah Fender, vice president of marketing and product management, spoke with Regarding ID’s Gina Jordan about a survey on the role of security in the adoption of cloud computing. PhoneFactor surveyed more than 300 IT professionals from a variety of industries on current and planned use of cloud computing, the perceived benefits of making the change and what’s holding them back. Fender says the results show a big interest in cloud computing because of the cost a...
Oct 06, 2010•11 min
In another of a series of podcasts investigating identity standards, Kevin Gillick, executive director at GlobalPlatform, talks with Regarding ID Editor Zack Martin about its place in the standards landscape and the role it plays.
Aug 09, 2010•18 min
In our continuing podcast series on identification standards, Don Thibeau, executive director at the The OpenID Foundation and chairman and president of The Open Identity Exchange, speaks with Regarding ID Editor Zack Martin about its place in the ID standards landscape and some of its different projects. OpenID may be the one ID standard that many people are already using but don't even realize it.
Jul 27, 2010•19 min
Government issued ID cards aren’t what they use to be. In the last 10-years the documents have changed from simple piece of laminated plastic to high-tech IDs with multiple security features. Regarding ID Editor Zack Martin spoke with Robert DeVincenzi, president and CEO at LaserCard, about the company’s role in changing IDs and a Frost and Sullivan report that analyzes some of the progress.
Jul 20, 2010•14 min
Jamie Henry, director of payment services with Wal-Mart treasury organizations, talks with Regarding ID's Gina Jordan about the retailer's push for EMV in the U.S. "We want to provide our customers with the most secure transactions that are in the market place, and the chip and pin technology provides that high level of security," Henry says. He also talks about contactless payments and how the retailer doesn't think that technology is secure.
Jul 14, 2010•8 min
In our continuing series on identification standards, Joni Brennan, managing director at Kantara Initiative, fills Regarding ID listeners in on the organization's interoperability certification and identity assurance programs. Kantara is trying to bring some unity to the various identification standards efforts underway across the globe.
Jun 23, 2010•21 min
In the third part of the Regarding ID series of podcasts looking at identity standards Editor Zack Martin speaks with J. Trent Adams, chair of the Kantara Initiative Leadership Council. In his day job Adams is Outreach Specialist for the Internet Society working on Trust and Identity Initiative. The Kantara Initiative is trying to bring unity to the various identification standards underway across the globe. Adams gives listeners an overview of what Kantara is trying to accomplish and how its ge...
Jun 21, 2010•17 min
In the second part of the Regarding ID series of podcasts looking at identity standards Editor Zack Martin speaks with John Sabo and Anil Saldhana, members of the OASIS IDtrust Member Section Steering committee. Sabo, director of Global Government Relations for CA Technologies, and Saldhana, lead security architect for middleware at Red Hat, talk about where OASIS fits in the identity management landscape.
Jun 14, 2010•16 min
The Regarding ID podcasts is kicking off a new series looking at identification standards. With more and more standards emerging for identification how do organizations know where to go and what standards to comply with? In this first in the series Editor Zack Martin speak with Alison Dunstan, director of the Transglobal Secure Collaboration Program. TSCP is a government-industry partnership working on solutions to issues in the aerospace and defense industries and has had some unique issues whe...
Jun 07, 2010•11 min
The idea of migrating from a legacy physical access control system to a newer one could be painful proposition for some. Re-carding may be the least of the worries because sometimes migration can involve entirely new backbones and infrastructures. Regarding ID Editor Zack Martin spoke with Allan Fontanella, senior director of product marketing for identity and access management at HID Global, about migrating access control systems and what the industry may experience in the future.
May 14, 2010•10 min
