NIST
Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy
This bulletin summarizes the information presented in NISTIR 7817, A Credential Reliability and Revocation Model for Federated Identities, written by Hildegard Ferraiolo.
The publication analyzes the different types of digital credentials used in authenticating the identity of remote users of information systems and recommends practices to improve system security and information privacy. Topics discussed in the publication include challenges in managing the different types of identity services, recommendations for improving the process for the revocation of credentials when there are threats and risks to systems, and a proposal for the formation of a uniform reliability and revocation service that includes the participation of all parties of a federated community. The bulletin summarizes these topics and includes references to additional sources of information on identity management.
- Impact! Interior Design Solutions
- Symantec – Internet Security Threat Report 2013
- NIST – Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy
- National Institute of Standards and Technology (NIST) – Security and Privacy Controls for Federal Information Systems and Organizations
- Know your Enemies – Know Yourself – Art of War
- Symantec: Annual Study: U.S. Cost of a Data Breach
- National Institute of Standards and Technology – Glossary of Key Information Security Terms
- Ponemon Institute – 2012 Cost of Cyber Crime Study
- Ponemon Institute – Third Annual Benchmark Study on Patient Privacy & Data Security
- Stuxnet-style SCADA attack kept quiet after US gov tests