RE: EFS and biometrics? Other options?
From: Thomas Ray (thomas.ray@tcud.state.tx.us)Date: 08/22/01
- Previous message: Steve: "RE: IDS"
- Maybe in reply to: info@cascadeone.com: "EFS and biometrics? Other options?"
- Next in thread: Ken Pfeil: "RE: EFS and biometrics? Other options?"
- Reply: Ken Pfeil: "RE: EFS and biometrics? Other options?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <F7639F8D8672D3119DBC00508B7159B80A45BF@TCUDSERVER1> From: Thomas Ray <thomas.ray@tcud.state.tx.us> To: security-basics@securityfocus.com Subject: RE: EFS and biometrics? Other options? Date: Wed, 22 Aug 2001 11:02:07 -0500
I would not advise using biometrics for your security. consider the
following scenario:
-you store your bio-info in some "smartcard" device. that card gets stolen.
how now do you change your bio-security info? you can't.
-or, try this, you have bio-metric security setup so it takes
palm/fingerprints/retina scan. you then get into some freak accident where
you, a)lose your hand or a fingertip, or even an eye. what do you do then?
especially if the bio-security interface only takes info from one source
(your right hand, not your left) (example- @ 3yrs ago I lost a little flesh
and skin from my index finger fingertip while working on a computer.
needless to say, my fingerprints don't match up on that finger)
the other problem is that of course you can NEVER change your bio-metric
info. it's yours for life. that's like having one password your giving a
hacker a chance to crack for years. since you are talking about using this
with laptops, that would imply having an attachment that could get lost
during travel.
I think I'll stick with passwords that I can change as often as I want.
The sooner the PKI infrastructure really gets setup, the better. I was at a
ISSA meeting the other day where we had a PKI Q/A panel. You may want to
look at a company called Entrust. They seem to be ahead of the curve for PKI
stuff.
tom
>-----Original Message-----
>From: Murtaza Nooruddin [mailto:noorix@yahoo.com]
>Sent: Tuesday, August 21, 2001 12:45 AM
>To: security-basics@securityfocus.com
>Subject: Re: EFS and biometrics? Other options?
>
>
>You are probably looking for a smartcard solution.
>Win2k has built in support for smartcards.
>
>----- Original Message -----
>From: <info@cascadeone.com>
>To: <security-basics@securityfocus.com>
>Sent: Tuesday, August 21, 2001 2:16 AM
>Subject: EFS and biometrics? Other options?
>
>
>> I am attempting to secure confidential information on remote machines
>(laptops). I know there are many ways to encrypt the entire HDD...
>>
>> EFS is offered by Microsoft, and of course comes default with the 2K
>install. Does EFS have any support for biometrics?
>>
>> What I am really looking for is a solution that will:
>> 1. logon via a biometric device
>> 2. automatic transparent encrypt/decrypt entire HDD
>> 3. no challenge (password, biometric) for encryption/decryption
>>
>> Has anyone done this type of thing with EFS, using Biometric
>logon? Has anyone done this with another product (or combination of
products)?
>>
>> TIA,
>> 5of3
- Previous message: Steve: "RE: IDS"
- Maybe in reply to: info@cascadeone.com: "EFS and biometrics? Other options?"
- Next in thread: Ken Pfeil: "RE: EFS and biometrics? Other options?"
- Reply: Ken Pfeil: "RE: EFS and biometrics? Other options?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
