RSA Conference 2010 -- Day 5

| | Comments (0) | TrackBacks (0)
What a conference! In case you missed it, I've blogged about RSA all week long:

Like last year, I finished the conference by attending Richard Howard's talk on cyber threats and trends.  Howard is the director of the iDefense Lab.  In his talks, he lays out new security disruptors that will drastically change the information security landscape over the next 5 to 10 years.  He warned of the following disruptors last year and this:

20092010
  • Cyber terrorism
  • Mobile threats
  • IPv6
  • Arbitrary TLDs and multilingual URLs
  • Virtual worlds
  • Shift in attacks to government targets (i.e., cyber terrorism)
  • Smart phones (i.e., mobile threats)
  • Cloud computing

Then, I went to a talk on cross-domain identity and access control presented by Tom Winnenberg, principal security engineer at Raytheon.  In it, he talked about federation and centralized authorization using XACML.  Centralized authorization, especially using XACML, is something I heard a lot about during the week actually.  Last year, that protocol was only mentioned once in a presentation given by Sun and Burton.  This year, I heard about it in a half dozen different sessions, a couple vendors on the show floor, and one other conference goer that I talked with. I think people are starting to wrap their heads around centralized authentication, and are now beginning to wonder about how to also centralize authorization.  So I think the attention paid to XACML will increase this year, especially if Microsoft begins supporting it their products (which won't happen in 2010).

All in all, it was a great show.  If you missed it, I would certainly recommend that check out those blog posts I listed above and try to attend next year if you can.