ti&m Blog

14. September 2017
Der Wert der Identität

Datenschutz // Information ist die Währung des 21. Jahrhunderts. Folgt man diesem Gedanken, so liegt es nahe, dass unsere digitale Identität das Konto ist, über das wir diese Währung handeln.

03. May 2017
Authentication Is Good, Trust Is Better. What About Trusting Delegated Identity?

Trust in a relationship is a must and this is not only holds true for private lives but also in the virtual life. While trustworthiness for established authentication protocols is mainly based on agreement between entities, certificates and keys, trust in the identity delegation context is ambiguous because the owner might not be the consumer of the API. This post addresses some trust concerns when introducing protocols based on identity delegation that de-facto lead to an identity paradigm shift.

03. April 2017
Warum Security ohne Usability zu Fehlern führt!

Neue regulatorische Anforderungen wie PSD2 und GDPR, sowie die ansteigende Bedrohung durch Cybercrime haben das Thema Security ganz oben auf die Agenda gesetzt. Kritisch ist aber, wie diese erhöhten Security-Anforderungen umgesetzt werden. Ungenügende Security macht angreifbar, andererseits kann schlecht umgesetzte Sicherheit zum Business-Killer werden.

09. February 2017
On the Internet, Nobody Knows You're a Dog – Identification with OpendIDConnect, the Prelude to Unique OAuth Authorization

When considering authentication, the first thing people think of is identity. However, with the use of new authentication frameworks applied to current business cases, essential security requirements seem to get neglected. Thus, it might just happen that we lose our identity on the internet. This article is part of a series based on different user’s feedback dealing with fundamental security concepts applied to the applicability of authentication and authorization protocols such as OAuth and OpenIDConnect.

05. December 2016
MAC Token Profile: the Never-Ending Battle over Signatures