Authentication or Identity Management

ID verification, analytics can help agencies fight fraud

Combining an automated verification system and data analytics for prevention and detection helps create a powerful tool for government IT professionals facing a flood of fraud.

Divide the password process to defend against attacks

An innovative cryptographic scheme does away with trusted third parties to protect stored and scrambled passwords on separate servers.

How government created a new secure hash

The government has specified a series of vetted cryptographic algorithms that can be used to verify the authenticity of documents and digital signatures. Here's how they do it.

Why agencies don't have to upgrade to a new crypto hash

The winner of the five-year competition -- called Keccak -- will be a candidate for the new federal SHA-3 standard, but NIST scientists say it is not a replacement for SHA-2, which has held up better than expected.

Can mobile devices work as ID cards, thin clients on a secure net?

DISA wants software that would let DOD personnel securely use smart phones and tablets on DOD networks.

Moving encryption to the enterprise edge involves trade-offs

DOE is using a cloud-based appliance to handle encryption of unclassified e-mail, but the solution is not for everybody.

Energy adapts its PKI to handle old and new technologies

Although PIV cards are intended to be a standard source for PKI certificates, legacy hardware and software and the emergence of mobile devices have led DOE to adopt a gateway encryption appliance for secure e-mail.

NASCIO offers states guidance on trusted digital identity

The group's report can help states use their digital infrastructure to securely conduct business with other states, organizations and the public.

Common IT security framework for government gets a step closer

NIST’s new risk assessment guidelines caps planned efforts of a multiagency task force, but federal cybersecurity is just entering its new phase.

New smart-card, CAC reader built for government

Belkin says its the first reader built specifically for use in defense and civilian agencies.

RIM wants your BlackBerry to be your access badge

HID Global has a service that would let users replace ID credentials and tokens with their BlackBerry phones. Could it work in a government enterprise?

Leaked Apple IDs traced to Blue Toad, not FBI

Those Apple Unique Device Identifiers leaked last week by AntiSec, which claimed to have stolen them from an FBI computer, actually originated with a company that develops iOS apps for magazine publishers.

Agency breaches are down, but exposed records are way up

Government has eliminated a lot of low-hanging fruit, but the number of records exposed is increasing by millions each year, according to a Rapid7 analysis.

3 simple tricks for defeating hackers on the road

In certain places, traveling feds can almost count on an attempt to steal information from their laptops. Here are ways to give them the old Willy Wonka.

FBI, Apple leave users vulnerable after alleged AntiSec hack

With millions wondering if their device identifiers are included in the reported breach of FBI files, the FBI and Apple clam up, leaving users vulnerable to scammers offering to fill the information void.

Magic log-in ring lets you use finger swipes for passwords

Researchers at Rutgers have developed a prototype device that lets you authenticate with the swipe of a finger.

AI surveillance cameras can learn, remember ... and forget

The AISight cameras used during the Republican convention adapt to their environment to determine if anything is amiss.