Difference between revisions of "Security"
From MgmtWiki
(→Full Title or Meme) |
(→Problem) |
||
| Line 7: | Line 7: | ||
==Problem== | ==Problem== | ||
| − | *Security is not a feature of the internet, it is an add-on. Even current activity, like [[OAuth 2.0]] and [[OpenID Connect]] are successful, not because they are secure, but because developers like the freedom they offer. | + | *Security is not a feature of the internet, it is an add-on. Even current activity, like [[OAuth 2.0]] and [[OpenID Connect]] are successful, not because they are secure, but because developers like the freedom they offer. For details on that see the page [[Bearer Tokens Considered Harmful]]. |
==Solutions== | ==Solutions== | ||
Revision as of 09:59, 28 October 2018
Full Title or Meme
For the purposes of Identity Management Security applies to authorizing access only to the legitimately identified user and protection of User Private Information.
Context
- Security in computer science covers a broad range of topics, like Availability that are not addressed in this wiki.
- While some security experts might feel that, in theory, Privacy is a part of security. In practice security and privacy are often at odds and need to be addressed as separate issues by separate sets of proponents.
Problem
- Security is not a feature of the internet, it is an add-on. Even current activity, like OAuth 2.0 and OpenID Connect are successful, not because they are secure, but because developers like the freedom they offer. For details on that see the page Bearer Tokens Considered Harmful.
