Security

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

For the purposes of Identity Management Security applies to authorizing access only to the legitimately identified user and protection of User Private Information.

Context

  • Security in computer science covers a broad range of topics, like Availability that are not addressed in this wiki.
  • While some security experts might feel that, in theory, Privacy is a part of security. In practice security and privacy are often at odds and need to be addressed as separate issues by separate sets of proponents.

Problem

  • Security is not a feature of the internet, it is an add-on. Even current activity, like OAuth 2.0 and OpenID Connect are successful, not because they are secure, but because developers like the freedom they offer. For details on that see the page Bearer Tokens Considered Harmful.

Solutions

References