Man is created to praise, reverence, and serve God our Lord, and by this means to save his soul.

And the other things on the face of the earth are created for man and that they may help him in prosecuting the end for which he is created.

From this it follows that man is to use them as much as they help him on to his end, and ought to rid himself of them so far as they hinder him as to it.

For this it is necessary to make ourselves indifferent to all created things in all that is allowed to the choice of our free will and is not prohibited to it; so that, on our part, we want not health rather than sickness, riches rather than poverty, honor rather than dishonor, long rather than short life, and so in all the rest; desiring and choosing only what is most conducive for us to the end for which we are created.

Mobile Authentication: Key Considerations for Developing Your Strategy

Here are my unedited notes from today’s talk by David Gormley who spoke on Mobile Authentication from the CA Siteminder perspective:

Mobile authentication
Infrastructure that supports similar platforms
General set of platforms
Session mgmt
Policy centralization

Mobile devices are iniquitous
Help with other logons

Out of band authentication via mobile device
Key VOB on phone
Strong authentication embedded in phone
Risk based authentication. Transparent
Build auhn/Sdk in the app
Adaptive or RISK based auth
User behavior
Device identification
Device based rules
Ca products
User/pass across the board
Web and mobile
Social sign on
Session mgmt
Coarse grained API authorization. Limit transaction to one million etc
CA arcotID One Time Password
Available now from App Store
Protected seed values
Locked to a device

CA RiskMinder
CA AuthMinder

Take a holistic view
Understand options
Use web knowledge
Security vs convenience
Lock credentials to devices
Use browser based apps when possible.