Some examples on how to assess the impacts of potential consequences of unauthorised authentication for determining the overall assurance level of respective service / transaction scenarios.
There are three basic authentication factors (i.e. “what the user knows”, “what the user has”, and “what the user is or does”) commonly referred to in an authentication system.
To prevent unauthorised users from gaining access to protected resources, secure authentication systems are required to ensure that users are who they claim to be.
Public Key Infrastructure (PKI) is a widely accepted IT security framework based on 'Public Key Cryptography'. The Hong Kong Government has laid a solid foundation for deployment of PKI through the enactment of the Electronic Transactions Ordinance and the establishment of a public Certification Authority (CA) through the Hongkong Post.
Virutal Private Network (VPN) security is an increasing demand nowadays to connect to internal networks from distant locations. Employees often need to connect to internal private networks over the Internet (which is by nature insecure) from home, hotels, airports or from other external networks.
The Internet is now more than just an information source or research tool. It provides a great deal of opportunities for us to work, transact, communicate, learn and play.
Users can enjoy the benefit of choosing one password to access multiple applications, instead of memorising many different passwords. However, compromise of one authentication event could result in the compromise of all resources that the user has access rights to.
Identity management in an enterprise is a combination of processes and technologies to manage and secure access to the information and resources of an organisation.
Electronic authentication (e-Authentication) is the process of establishing confidence in user identities presented electronically to an information system. This may involve verifying with “what the user knows”, “what the user has”, and/or “what the user is or does”. The greater the number of factors being verified, the higher the confidence can be established.
Many computer and console video games can be played online against other players over the Internet. Players are allowed to communicate sometimes using text messages typed into the computer and sometimes using a microphone.
The followings are some security measures / good practices to reduce the risks and avoid privacy breaches when hosting VC meetings or using VC solutions.
Identity theft is a criminal act of getting hold of personal data of others without their knowledge or permission with an intent to defraud. The personal data is used by identity thieves to impersonate the data subjects for fraudulent purposes.
