Creating a reputation system that's easy to use, safe and secure

A membership/subscription service like Ethoca could be a way towards creating an effective reputation system Security: Identity Management Alert NetworkWorld.com | Security Research Center | Update Your Profile Sponsored by Oracle Introduction to Oracle Role Manager In today's global business environment, managing data across users, organizations, locations and reporting structures quickly becomes a critical challenge. Oracle Role Manager solves these challenges by providing a comprehensive feature set for role lifecycle management across business and organizational relationships and resources. Built using scalable J2EE architecture, Oracle Role Manager enables business users to define user access by abstracting resources and entitlements as roles. Through seamless integration with Identity and Access Management (IAM) technologies, Oracle Role Manager enables you to automate provisioning events, addressing governance and compliance needs across your existing information technology infrastructure. Spotlight Story Creating a reputation system that's easy to use, safe and secure By Dave Kearns Last issue, in talking about Ethoca, I mentioned that their fraud-fighting scheme might be the basis for constructing the type of system we've been talking about for years without ever getting close to realizing a working system. If you read the last issue, you can probably guess that I'm talking about a reputation system. Read full story Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management. Related News: Risk management for better health Next month at the European Identity Conference I'll be talking about Risk Management ("Risk Management for Better Health, Fiscal and Physical"). In doing some research for that keynote, I came across a company which hosts what they call a "fraud fighting" service, but which comes under the risk management heading and just might be the pre-cursor to a type of service we've only thought of as "pie in the sky" until now. Why reputation works as an identity management element Last issue I began to talk about reputation as a component of an identity system. If you missed that issue, you should visit the Web site for Sxore, to learn more about Sxip's implementation of a reputation-based system. Today, I want to look at the implications of a reputation-based identity system. Is your reputation at risk? What we hear or read about someone can shape our ideas well before we actually meet them. That makes some believe that reputation could be the next online-identity risk. Global executives warned of online reputation danger Nearly three-quarters of Asia Pacific business executives regard their company's reputation as vulnerable and nearly all of them use the internet to assess other firms. Internet Identity Workshop throws up the question of what's next in identity? Last week I said that I expect to learn quite a bit at the Internet Identity Workshop (IIW) - the semi-annual ID geekfest in Mountain View, Calif., and I did indeed learn quite a bit. Some of it was even about identity ... Are You Infected? A Smart and Simple Test. A common tactic used by malware is to block the infected computer from connecting to the Web sites of antivirus and security companies. Such blocks are meant to prevent you and your antivirus program from getting help in removing the infection. Chinese information warfare capabilities As world economic conditions continue to worsen, I expect to see growing use of industrial espionage techniques by current actors and by new ones. Threats against proprietary information and perhaps even risks from sabotage may well increase over the next months and perhaps years. Despite the reflex tendency for retrenchment as revenues fall, now is not the time to be reducing the information security workforce. PCI Standard Criticized at House Hearing At a congressional hearing last week, federal lawmakers and retail industry officials contended that the PCI security rules have done little to stop payment card data thefts and fraud. April giveaways galore Cisco Subnet and Microsoft Subnet are giving away training courses from Global Knowledge, valued at $2,995 and $3,495, and have copies of three hot books up for grabs: CCVP CIPT2 Quick Reference by Anthony Sequeira, Microsoft Voice Unified Communications by Joe Schurman and Microsoft Office 2007 On Demand by Steve Johnson. Deadline for entries April 30. Network World on Twitter Get our tweets and stay plugged in to networking news. App to no good A look at the top 10 iPhone apps that could get you into trouble. CEO payday breakdown A detailed account of how much tech chiefs made in 2008. Sponsored by Oracle Introduction to Oracle Role Manager In today's global business environment, managing data across users, organizations, locations and reporting structures quickly becomes a critical challenge. Oracle Role Manager solves these challenges by providing a comprehensive feature set for role lifecycle management across business and organizational relationships and resources. Built using scalable J2EE architecture, Oracle Role Manager enables business users to define user access by abstracting resources and entitlements as roles. Through seamless integration with Identity and Access Management (IAM) technologies, Oracle Role Manager enables you to automate provisioning events, addressing governance and compliance needs across your existing information technology infrastructure. Accurately Troubleshoot your Apps Optimize your application troubleshooting efforts with the best practices described in this whitepaper, "Application Troubleshooting Guide." Eliminate finger pointing between departments. Find out how to isolate the source of application performance problems and what to look for when troubleshooting. Get all of the details today. Download this whitepaper now. Everybody says "Do more with less!" But no one tells you how. We will and it costs nothing to find out at IT Roadmap Conference and Expo. Coming to 10 cities in 09 including New York in February, Denver in March, Chicago in April. Register now, attend free   04/08/09 Today's most-read stories: Afraid of losing your job to a younger, cheaper IT worker? Should Cisco move on Sun? 15 secrets of next-gen browsers Bill would give Obama power to shut down Internet Top 10 technology skills Netscape alums tackle cloud storage Microsoft limits Windows 7 upgrade options High-tech job cuts soar in Q1 Economy forcing 'spoiled' generation to grow up IBM, Sun unable to reach a deal, report says Students learn through robot battles Network World on Twitter: Get our tweets and stay plugged in to networking news Complimentary DNS newsletter Sign-up today and receive the latest DNS news and analysis. This newsletter provides deep insight into this murky area and offers ways to understand and mitigate risk with better management and control of your domain, email and DNS. Sign up now Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now   This email was sent to security.world@gmail.com Complimentary Subscriptions Available for newsletter subscribers. Receive 50 issues of Network World Magazines, in print or electronic format, free of charge, Apply here. Terms of Service/Privacy   Subscription Services Update your profile To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Unsubscribe Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701 Copyright Network World, Inc., 2009 www.networkworld.com