Talk:Identity-based security

Wiki Education Foundation-supported course assignment
This article was the subject of a Wiki Education Foundation-supported course assignment, between 19 September 2020 and 19 December 2020. Further details are available on the course page. Student editor(s): SpongebobSquarepants25. Peer reviewers: Exploredragon, Madssnake, Bobalily, Showtime oski, Hiiisparks, Lolabaylo, HanMiKC, Nicholas100000, Nankingaszz.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 22:49, 17 January 2022 (UTC)

The article needs complete rewriting
At this stage the article looks very much like an advertorial for Cyberoam.

Identity-based security is not:
 * a [Cyberoam] patented network security approach, but it can be a security model or framework, or an architecture, among other things.
 * a security approach put forward by Cyberoam, as it precedes Cyberoam's solution.

Also, identity-based security is not just:
 * a security approach which includes security components that provides visibility and control over user activity in a particular network, but rather a method of controlling access to a digital product or location based on the authenticated identity of an individual.

While it's true that it's often the case that the concept of identity-based security is used in connection with network security (Cisco (PDF), Aruba Networks (PDF), Palo Alto Networks etc.), it can be used with digital products as well.

Bibliography: Sven Kiljan, Koen Simoens, Danny De Cock, Marko Van Eekelen, and Harald Vranken. “A Survey of Authentication and Communications Security in Online Banking.” ACM Computing Surveys (CSUR) 49, no. 4 (December 5, 2016): 1–35. doi:10.1145/3002170. The academic journal titled “A Survey of Authentication and Communications Security in Online Banking” describes a survey conducted to provide analysts with advised security implementations with regard to banking authentication and communications. The journal starts off by giving an overview of the current state of global online banking security, followed by a brief history of electronic banking. The journal is divided into sections titled online and mobile banking development, customer to bank authentication, and bank to customer authentication and communications security. The journal concludes by noting the SSL / TLS authentication systems are promising systems and explains why most banks cannot agree on a single authentication system. While the journal is very informative and unbiased, I do have to note that I had quite a hard time understanding it given the specific jargons used to describe advanced authentication systems such as SSL and TLS. This source would be useful for all individuals looking into authentication systems for the banking industry, but I would not recommend it to anyone since it requires an advanced understanding of the topic at hand. Overall, this article did not change my opinion in any way but add to my understanding of authentication systems in the banking industry.

Noack, Torsten, and Herbert Kubicek. 2010. “The Introduction of Online Authentication as Part of the New Electronic National Identity Card in Germany.” Identity in the Information Society 3 (1): 87. doi:10.1007/s12394-010-0051-1. The academic journal titled “The Introduction of Online Authentication as Part of the New Electronic National Identity Card in Germany” describes the introduction of an electronic identity for all Germans in the ‘90s for online authentication. The journal also discusses concerns for this new form of electronic identity with regard to visual inspection and border control. As concerns grew, the electronic identity in Germany became an opt-in option instead of a mandatory one. The journal concludes by discussing the motivations behind the electronic identity itself as a result of controversial public safety debates. Overall, this journal seems like an informative and unbiased source, filled with historical facts as well as numerous datasets. This source would be useful for individuals looking into the development of online authentication in Germany, and I would certainly recommend this journal to others because it is concise and to the point. Although this article did not change my opinion, it did provide me with insight into the German identity card issued in the ‘90s as well as its effectiveness. Daniel J. Greenwood, and Ray A. Campbell. 1997. “Electronic Commerce Legislation: From Written on Paper and Signed in Ink to Electronic Records and Online Authentication.” The Business Lawyer 53 (1): 307. https://search-ebscohost-com.libproxy.berkeley.edu/login.aspx?direct=true&db=edsjsr&AN=edsjsr.40687785&site=eds-live. The academic journal titled “Electronic Commerce Legislation: From Written on Paper and Signed in Ink to Electronic Records and Online Authentication” acknowledges the growth of electronic commerce and the importance of a modern, legal infrastructure in order to realize its full potential. In addition, the journal seeks to underscore the importance of the electronic signature due to its involvement in e-commerce. The journal then continues to describe the process of an electronic signature and how it is processed electronically to authenticate an online transaction/procedure. While the journal is informative and unbiased, it did include certain abbreviations and references to many laws and statutes. Because of this, I would not recommend this journal to anyone since it does require a basic understanding of specific terminology as well as laws regarding signatures. Overall, although this article did not change my opinion, it did add to my understanding of how online signatures are processed in order to authenticate transactions. Siri Carlson. 2016. “When Is a Tweet Not an ‘Admissible’ Tweet? Closing the Authentication Gap in the Federal Rules of Evidence.” University of Pennsylvania Law Review 164 (4): 1033. https://search-ebscohost-com.libproxy.berkeley.edu/login.aspx?direct=true&db=edsjsr&AN=edsjsr.24753531&site=eds-live. The academic journal titled “When Is a Tweet Not an ‘Admissible’ Tweet?” describes the advancement of the recent “digital age,” filled with online information through messages, photographs, and videos. As argued in the journal, the proliferation of online information calls for more reliable authentication systems, which may be able to fix some mistrust within the online community. The journal begins by giving a brief overview of social media and its prevalence, then moves on to current modes of authentication and discussing possible updates and proposals to these authentication systems. The journal concludes by stating the authentication systems of social media services are insufficient until better rules and guidelines are put into place. The journal is overall informative but definitely biased since it includes the personal opinion of the author. I would recommend this article to people who wish to gain a better understanding of the importance of online authentication in the “digital era” since it is generally easy-to-read and includes numerous real-life incidents and laws. Although the article did not change my opinion, it did further reinforce my belief in the importance of online authentication and digital responsibility.

Schroers, Jessica. 2019. “I Have a Facebook Account, Therefore I Am – Authentication with Social Networks.” International Review of Law, Computers & Technology 33 (2): 211–23. doi:10.1080/13600869.2018.1475895. The academic journal titled “I Have a Facebook Account, Therefore I Am – Authentication with Social Networks” analyzes the effects of social media login accounts and its applications to other types of services. The journal starts by introducing the “identity” element of the internet that requires login services to clearly identify the individual. The journal then discusses the use of Facebook login for e-government access as well as the possibilities of being locked in or locked out of an account. The journal concludes by stating that social log-ins should not be used for e-government access and stating the potential complications of logging in and out of different social network providers due to internet restrictions. While the journal is informative and includes many citations, I do not see it as completely objective since hints of opinion are included in the article such as the author’s view on what makes a social login too complicated. This source would be useful for all individuals looking into personal identification, specifically with regard to social media. I would recommend this article since it is overall easy-to-read and includes many interesting information. This journal has not changed my opinion in any way but did provide me with a deeper understanding of social logins. — Preceding unsigned comment added by SpongebobSquarepants25 (talk • contribs) 17:38, 21 October 2020 (UTC)