Context and Identity again…

When Dave Kearns makes a prediction you better think about betting on it or at least pay attention. From his 2008 predictions….

Risk management, which I lump under context-based access control (CBAC), will become very important in 2008.

Source: Risk management and access management come to the fore in ’08 – Network World

So that’s at least the second pundit using the word context in predictions. If I get his drift, Dave is predicting that risk awareness will become a key component to determining access. So context drives smarter preventative controls. Can’t disagree with that.

I believe that risk awareness will also be a key component in determining audit requirements, proof of compliance requirements, monitoring requirements, etc. So context drives smarter detective controls and processes too. I think this will be particularly true given the recent Audit Standard 5 guidance [for a full text treatment] given to auditors which encourages “auditors to use professional judgment in the 404 process, particularly in using risk assessment”.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: