Access control and authentication - News, Features, and Slideshows

News

• Hacked iTunes accounts continue to sell in China

  The sale of iTunes accounts that have reportedly been hacked has yet to be stopped by Apple or the Chinese e-commerce site hosting the sellers.

• Cloud Security Alliance updates controls matrix

  The Cloud Security Alliance (CSA) has launched a revision of the Cloud Controls Matrix (CCM). The new matrix (version 1.1), available for free download, is designed to provide fundamental security principles to guide cloud vendors and help prospective cloud customers assess the overall security risk of a cloud provider.

• How secure is Windows Phone 7 app code?

  A recent glitch on Microsoft's download servers for brand new Windows Phone 7 applications has sparked widespread Internet chatter among developers and focused new attention on the best ways to protect smartphone apps from being hacked.

• Attachmate to feast on Novell technologies

  With its pending US$2.2 billion purchase of Novell, Attachmate is acquiring a rich portfolio of technologies. The next step will be actually putting these riches to work, analysts said Monday.

• VMware aims to give IT more control over SaaS apps

  VMware is working on products that will give enterprises more control over Software-as-a-Service (SaaS) applications, including how users are authenticated, company CTO Steve Herrod, said in an interview on Tuesday.

• Google adds OAuth support to Google Apps

  Joining a growing number of enterprise and consumer-facing Web services, Google has added support in Google Apps for the OAuth authorization profile, the company announced Monday.

• OAuth 2.0 security used by Facebook, others called weak

  The emerging OAuth 2.0 Web API authorization protocol, already deployed by Facebook, Salesforce.com and others, is coming under increased criticism for being too easy to use, and therefore to spoof by malicious hackers.

• Twitter API has new third party sign-on method

  Users of obscure third-party Twitter applications may be surprised to find that their apps no longer work, if the app creators of those apps haven't been keeping up with changes in the Twitter API (application programming interface).

• 3M offers $US943M for biometric security vendor Cogent Systems

  3M has agreed to buy biometric access control systems vendor Cogent for around $US943 million in cash.

• Elcomsoft releases iPhone 4 password cracker

  Russian password-cracking company Elcomsoft has released new software that can in some instances figure out the password used to encrypt backed-up iPhone data.

• Terry Childs is denied motion for retrial

  The former San Francisco network administrator who refused to hand over passwords for one of the city's networks was denied a new trial on Friday and is expected to be sentenced Aug. 6, a spokeswoman for the district attorney's office said.

• OpenSSO, neglected by Oracle, gets second life

  A Norwegian startup is assuming responsibility for maintaining an open source Web authentication technology originally developed by Sun Microsystems, and seemingly neglected by Oracle, which purchased Sun in January.

• Unix Active Directory software gets faster

  Likewise Software has released a new version of its open-source authentication software for allowing Linux, Apple Macintosh and commercial Unix-based computers to hook into Microsoft Active Directory controlled servers and networks.