This is a site designed to make it easier to take the core of large published reports and allow anyone to comment on them.


89 Further information on the complexity requirements for credentials and col ateral information may be found within the fol owing documents: CESG Infosec Memorandum Number 24, passwords, tokens and biometrics used in combination for identification and authentication of users of government IT systems, Issue 2.1, August 2004. CESG Infosec Memorandum Number 26, passwords for identification and authentication, Issue 2.1, June 2004. CESG Infosec Memorandum Number 27, assessment of the contribution of tokens to multi-factor identification and authentication systems CESG Infosec Memorandum Number 28, performance and assurance standards for biometric systems contributing to multi-element identification and authentication, Issue 1.0, January 2005. 90 A list of what these obligations are, supported by a tick-box attached to a statement that the client confirms having read and agreed to the list of obligations, would be sufficient in most cases. 91 For example use of a firewall and antivirus software, employing a patching policy (eg using windows update or similar), using up-to-date browser software, making use of publicly available guidance that is aimed at citizens, etc.

Email this to a friend.
Previous itemNext item.


(You must give a valid email address, but it will not be displayed to the public.)

We only allow the following html tags em strong blockquote p br. After posting, there may be a short delay before your comment appears on the site