Informed Control Inc.

US Patent "7,747,645" published

mark.wahl@informed-control.com — Tue, 29 Jun 2010 07:00:00 +0000

Informed Control Inc.

US Patent "7,747,645" published

2010 June 29

On June 29, 2010, the US Patent Office published patent 7,747,645, which documents a system and method for calendar-based anomalous access detection.

An access control system is augmented with the ability to categorize access requests as anomalous, by correlating the time and location of the requesting user with information provided by the requesting user's calendar entries. These entries provide the dates and times that a user is anticipated to be located in a particular geographic region.

This is the second US patent assignment for Informed Control Inc. (last year Informed Control Inc. received 7,558,791 for a system and method for ontology-based translation between directory schemas.)

US Patent "7,558,791" published

mark.wahl@informed-control.com — Tue, 07 Jul 2009 07:00:00 +0000

Informed Control Inc.

US Patent "7,558,791" published

2009 July 7

On July 7, 2010, the US Patent Office published patent 7,558,791, which documents a system and method for calendar-based anomalous access detection.

An information processing system comprising a translation from a directory or individuals input source to a state database containing resource description triples, a mapping of the triples in the state database from one ontology class to another, and a translation from the triples in the state database to a directory or individuals output sink.

Technical Information Disclosure "System for failover in an identity federation" published

mark.wahl@informed-control.com — Wed, 30 Jan 2008 08:00:00 +0000

Informed Control Inc.

Technical Information Disclosure "System for failover in an identity federation" published

2008 January 30

"System for failover in an identity federation" (200411-03) published January 30, 2008

Technical Information Disclosure "System for authentication with an electronic mail service" published

mark.wahl@informed-control.com — Tue, 08 Jan 2008 08:00:00 +0000

Informed Control Inc.

Technical Information Disclosure "System for authentication with an electronic mail service" published

2008 January 8

"System for authentication with an electronic mail service" (200612-03) published January 8, 2008

at Burton Group conference

mark.wahl@informed-control.com — Fri, 13 Apr 2007 07:00:00 +0000

Informed Control Inc.

Mark Wahl of Informed Control Inc. to present Future Directions in Identity Lifecycle Management at Burton Group conference

2007 April 13

Mark Wahl of Informed Control Inc. will be speaking at the Burton Group Catalyst Conference 2007 on Your Identity Session: Future Directions in Identity Lifecycle Management.

For more information, see Future Directions in Identity Lifecycle Management presentation scheduled for Burton Group Catalyst NA 2007 .

Informed Control Inc. provides open source proof of concept implementation of schema retrieval for the Identity Metasystem

mark.wahl@informed-control.com — Sat, 07 Apr 2007 07:00:00 +0000

Informed Control Inc.

Informed Control Inc. provides open source proof of concept implementation of schema retrieval for the Identity Metasystem

2007 April 7

Informed Control released today the first version of the Schemat Consumer, a proof of concept research implementation of attribute type metadata parsing.

The specifications "Identity Attribute Metadata" at http://openid.net/specs/identity-attribute-metadata-1_0-01.html and at the Identity Schemas Wiki http://idschemas.idcommons.net/moin.cgi/MetaData describe how metadata of identity attributes can be represented using RDF. Online structured metadata provides applications and developers with additional information about unfamiliar attributes. Elements of metadata might specify, for example, the syntax allowed for values of that attribute, or how one attribute relates to other attributes.

The Schemat Consumer provides applications in an identity metasystem with a simple Java API for retrieving the metadata of URI-named attribute types.

More information on the Schemat Consumer can be obtained at the ldap.com schema ontology page.

Mark Wahl of Informed Control Inc. presents Assessment Techniques for Auditing Identity Management at RSA conference

mark.wahl@informed-control.com — Mon, 05 Feb 2007 08:00:00 +0000

Informed Control Inc.

Mark Wahl of Informed Control Inc. presents Assessment Techniques for Auditing Identity Management at RSA conference

2007 February 5

Mr. Mark Wahl, CISA, presented an overview of Assessment Techniques for Auditing Identity Management at the RSA conference 2007 in San Francisco.

From the session abstract:

"Recent legislation mandates that US federal government agencies must perform annual security reviews of their computer systems that contain sensitive data. This has led to the development of a category of best practice techniques and tools, known as Certification and Accreditation, for performing risk assessments for networked services, and verifying that the security controls on these systems meet requirements and actually work as intended. These concepts are not government or US-specific: they are directly applicable to any large organization. In particular, they are best employed when new applications are being deployed or existing deployments are being audited, in order to reduce the risk that a misconfigured or unmonitored security control might find its way into the deployment and later be compromised by an attacker, which could lead to the loss or exposure of private, business-critical data."

"This vendor-independent presentation introduces the security verification and validation techniques as used today across government agencies, and shows how they can be applied within companies, as part of software procurement and auditing processes, to address regulatory requirements and increase confidence in the effectiveness of security controls. As a successful attack on an organization's identity infrastructure could lead to the theft of large quantities of personal information, as well as compromise that organization's line of business applications, the presentation focuses on techniques to improve the trust of Identity Management deployments. Specifically it discusses external and internal threats to these deployments, and approaches for reviewing and monitoring directory, access management, provisioning and federation services."

More information is available at the Resources page, including references to the documents mentioned in the presentation.