Ad: Manage updates with the Download App
ie8 fix

xacml

On the security road to 'de-perimeterization'

I first heard the term "de-perimeterization" back around 2004. This expression was attributed to the Jericho Forum, a group of chief information security officers and industry leaders who anticipated a new business requirement and security challenge. Jericho Forum knew that ubiquitous global connectivity spelled the end of the network "walled garden"--private corporate networks protected by perimeter devices like security gateways and firewalls. As more and more organizations opened their networks, developed externally focused applications, and welcomed new, untrusted users, information security was bound to get a lot more difficult.

According to ESG Research, the 2004 … Read more

XACML: A still-emerging standard worth watching

We work in an industry with its own language--acronyms.

A lot of them come and go or are so esoteric that few people in industry even know about them. I'm hopeful that a standard I'm tracking won't fall into one of these buckets. It is called the Extensible Access Control Markup Language (XACML, pronounced zack-mil). This markup language was first ratified by OASIS in 2003. XACML 3.0 is currently in the works.

What's so special about XACML? This standard has the potential to help simplify the mess around two questions:

• Who should have access … Read more