BreachExchange mailing list archives

Re: At Least 20 Big-Name Passports Breached


From: "Allan Friedman" <allan_friedman () ksgphd harvard edu>
Date: Fri, 28 Mar 2008 10:50:24 -0400

On Fri, Mar 28, 2008 at 10:38 AM,  <james.kerr () ceelox com> wrote:
> We have had tremendous success in protecting identities within the banking
> industry by use of biometric technology. The customer can pass credentials
> with more safety than pin numbers and pictures of ducks.

I'd love to learn more about this, particularly how it scales across
bureaucracies, particularly if the customer isn't present. I'm not
thinking about public databases but large private ones that have many
people with many different functions doing different things, (e.g.
medical records).

I'm guessing that to prevent the above mentioned passport file
snooping from happening to someone not on a pre-specified watch list
you would need to
a) reorganize the data architecture of the entire system
b) overlay a pretty strong identity layer
c) introduce secure credentialing that allows a yes/no query without
leaking more info
d) probably some chunk of all of the above.

As long as access to databases is fairly unsupervised inside the
organization, you're going to see identity theft.

allan
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
