A week of neat security stuff

This week, I’ll be doing three neat security events, and you are invited!

Wednesday morning, I’ll be speaking at the Central Ohio ISSA about Windows Identity Foundation, OpenID and Claims Based Authentication. Details are here. This is the topic description:

“Escalation of privilege is based on a model of security that is driven by roles and groups for a given application. I am in the Administrator role, the Accounting group contains your username. What if instead you carried a token with a verifiable set of claims about your identity? One that is encrypted, requires no round trip to an authorization server, and can be coded against in a native API? Would that bring more security to our government and medical applications? Or is it just as full of holes as everything else? Join Bill in checking out Claims Based Security via Windows Identity Foundation, and see if it fixes problems or is the problem.”

That evening (wshew!) I’ll be giving a presentation on high-security locks at the Columbus Locksport International meeting at the Columbus Idea Foundry.  You can sign up here. Please RSVP if you are coming, because we need to plan for a crowd if we have one.  I’ll be covering security pins, and the idea behind sidebar locks.

Then, Friday, I’ll be at B-Sides Cleveland giving the WIF talk again.  It’s at the House of Blues, and I’ll be talking at 10AM.  The conference is sold out, though.  Too bad - it sounds like an awesome lineup, and I am just floored to be among them. Freaking ReL1K is speaking – he built the Social Engineer’s Toolkit for crying out loud. I’m truly honored.  I am looking forward to this.

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites