Concordia DG Authz and LOA Surveys Now Live!

(Posted on the behalf of Concordia Discussion Group Leadership – Paul Madsen & Tatsuki Sakushima)
The Concordia DG has created 2 short (~ 10 questions) surveys around assurance & authorization issues.
Authorization is one of the hottest topics in computing security today. Great strides have been made in the area of authentication, but the ultimate purpose of authentication is to provide input to authorization decisions. Security product vendors are offering packages that can serve as centralized authorization systems, or Policy Decision Points (PDPs) and Policy Enforcement Points (PEPs) in XACML parlance. These products generally offer integration kits for various applications and platforms. Many organizations have or are beginning to architect XACML-based, logically-centralized authorization systems. The purpose of this survey is to generate data about both the business and technical drivers for authorization in the enterprise today.
More and more, industries & governments are choosing a ‘Level of Assurance’ (LOA) model as a means to provide federation partners appropriate confidence in identity data received from external 3rd parties. But is the LOA model the only possible mechanism? This survey is intended to tease out real requirements of federated participants – perhaps answering this question.
Please consider taking the surveys yourself, and/or spread the word to partners, colleagues, etc not involved in KI.
Paul Madsen & Tatsuki Sakushima
Co-Chairs – Concordia DG