Identity and Access Management


Directory

1. Active Directory : Windows solution
2. LDAP Directory

Safeguard personal information Legal

1. Safe Harbor (US)
2. TRUSTe
3. GDPR (Europe) 

Programms

1. penetration tests
2. network scans
3. bug bounty 

Vulnerabilities

1. Open Web Application Security Project (OWASP) for Web Application Security
2. SANS Institute

Other initiatives

1. Health Insurance Portability and Accountability Act HIPAA to protect patient data
2. Gramm-Leach-Bliley Act GLBA for consumer financial information. Federal Financial institutions Examination Council FFIEC provides guidelines for it
3. National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity 
4. Family Educational Rights and Privacy Act (FERPA) to protect the privacy of student education records.
5. G-Cloud by UK government for cloud services. 
6. Federal Information Security Management Act (FISMA) defines a comprehensive framework to protect government information

Open Standards

1. Security Assertion Markup Language (SAML) for web browser Single Sign-On (SSO) using secure tokens. XML based protocol. No password needed. 
2. OpenID : Decentralized authentication protocol by 3rd party
3. OAuth. OpenID is built on OAuth. REST API using JSON
4.  System for Cross-Domain Identity Management SCIM to exchange user identity information. REST API using JSON or XML

0 comments:

Post a Comment