This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Maverick Research The Death of Authentication...nobody
Maverick Research The Death of Authentication

Version management

Difference between version and

At line 1 added 28 lines
!!! Overview
[{$pagename}] is an article from [Gartner] by [Bob Blakley]
!! Bottom Line
[Authentication] is a bad technology: It's expensive to implement, it's hard to use, it's too easy to subvert or circumvent, and it fails more and more frequently and more and more spectacularly in today's increasingly risky electronic environment.
Until recently, there was no alternative, but now there is: Enough personal information exists in electronic form that we can move from [authentication] to recognition — and we will.
!! Context
A large number of recent incidents — characterized in the press and the security community as privacy breaches — are trying to teach us that a tremendous amount of information about people and their activities exists in the electronic world. We can use that information for evil purposes (e.g., to invade people's privacy), or we can ignore it — but we can also use it to improve peoples' online experiences.
!! Take-Aways
* [Authentication] has never worked very well, and it's degrading quickly in effectiveness.
* Until recently, no alternative to [authentication] existed when we wanted to gain any degree of confidence in peoples' [identities|Digital Identity].
* The explosion of online data about people and their actions gives us a new option: recognition.
* Recognition is how we identify people in the real world, and we've already started to do it in the electronic world — albeit mostly in low-assurance scenarios.
* Enterprises will move from [authentication] to recognition over the next decade.
* The change will be gradual, and the two solutions will coexist for several years.
* [Authentication] vendors need to start preparing for the shift now.
!! Conclusion
[Authentication] is everywhere, but it's sick, and it's going to die. It's going to be replaced by [recognition] — which is the way humans recognize each other in the real world. But the move to recognition will be gradual, and it will require that we pay significant attention to privacy.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Maverick* Research: The Death of Authentication|https://www.gartner.com/document/1818025?ref=unauthreader&srcId=1-4730952011|target='_blank'] - based on information obtained 2017-04-28-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop