RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-08 Thread Anne Lynn Wheeler
At 07:23 AM 7/5/2004, Anton Stiglic wrote: Identity has many meanings. In a typical dictionary you will find several definitions for the word identity. When we are talking about information systems, we usually talk about a digital identity, which has other meanings as well. If you are in the

RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-08 Thread Anton Stiglic
However, in some scenarios http://www.garlic.com/~lynn/2001h.html#61 the common use of static data is so pervasive that an individual's information is found at thousands of institutions. The value of the information to the criminal is that the same information can be used to perpetrate fraud

authentication and authorization (was: Question on the state of the security industry)

2004-07-07 Thread Nicholas Bohm
At 12:26 PM 7/1/2004, John Denker wrote: The object of phishing is to perpetrate so-called identity theft, so I must begin by objecting to that concept on two different grounds. Subsequent posters have doubted the wisdom of quibbling with the term identity theft. I think the terminology

RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-07 Thread Anton Stiglic
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Denker Sent: 1 juillet 2004 14:27 To: [EMAIL PROTECTED] Cc: Ian Grigg Subject: Re: authentication and authorization (was: Question on the state of the security industry) 1) For starters, identity theft

Re: authentication and authorization (was: Question on the state of the security industry)

2004-07-03 Thread Anne Lynn Wheeler
At 12:26 PM 7/1/2004, John Denker wrote: The object of phishing is to perpetrate so-called identity theft, so I must begin by objecting to that concept on two different grounds. there are two sides of this some amount of crime statistics call it ID-theft which plausibly could be either

Re: authentication and authorization (was: Question on the state of the security industry)

2004-07-01 Thread John Denker
Ian Grigg wrote: The phishing thing has now reached the mainstream, epidemic proportions that were feared and predicted in this list over the last year or two. OK. For the first time we are facing a real, difficult security problem. And the security experts have shot their wad. The object