Author: admini

At a press conference to set out the rules, DHS chief Michael Chertoff, played the Honest Joe card: “It’s very simple and it’s really a matter of common sense.

Applicants for driver’s licenses will need to bring documents to their state Department of Motor Vehicles offices to validate or prove five things: who they are, what their date of birth is, what their legal status is in the United States, their social security number and their address.

There are no solid plans to encrypt the barcode, meaning for example that bars might have access to patrons’ home addresses.

Inviting comment in its recommendations, the DHS said it “leans toward” scrambling the data, but said that cost might outweigh any privacy benefits. The history of such systems, such as the National DNA Database in the UK, suggest they are susceptible to mission creep; civil libertarians point out that once established, the only way for a database to go is bigger.

http://www.theregister.co.uk/2007/03/03/real_id_recommendations/

In a memo to his staff, the DOT’s CIO Daniel Mintz says he has placed “an indefinite moratorium” on the upgrades as “there appears to be no compelling technical or business case for upgrading to these new Microsoft software products.

Among the concerns cited by Mintz are compatibility with software applications currently in use at the department, the cost of an upgrade, and DOT’s move to a new headquarters in Washington later this year.

“Microsoft Vista, Office 2007, and Internet Explorer [7] may be acquired for testing purposes only, though only on approval by the DOT chief information officer,” Mintz writes.

In an interview Friday, DOT chief technology officer Tim Schmidt confirmed that the ban is still in effect. The DOT’s ban on Vista, Internet Explorer 7, and Office 2007 applies to 15,000 computer users at DOT proper who are currently running the Windows XP Professional operating system.

The memo indicates that a similar ban is in effect at the Federal Aviation Administration, which has 45,000 desktop users.

http://www.informationweek.com/news/showArticle.jhtml?articleID=197700789

“Identity management is one aspect of security that becomes a lot more complex in a Web services environment, because now you need a way to preserve the identities of both users and applications across different services.

The merger of Cisco and Reactivity could make it easier for enterprises to build a common structure for Web services security in at the network level, rather than forcing application developers to resolve the security issues at the program level, experts say. From that standpoint, especially in the virtualized data center, Reactivity and Cisco are in a good spot to make things happen.” “There is a threat of external attacks, and we’re addressing that, but in Web services, there’s a more important threat, which are security problems caused inadvertently by misprogramming,” says Sirota.

http://www.darkreading.com/document.asp?doc_id=117912&WT.svl=news1_2