Re: All-in-One device for authentication and encryption

From: Eric Hagen (eric_at_sandpile.net)
Date: 10/16/03

  • Next message: Steven Ouimet: "Fwd: [Intrusense VNS] 7 New Microsoft Security Bulletins" 
    Date: Wed, 15 Oct 2003 18:32:55 -0500
To: Jennifer Fountain <JFountain@rbinc.com>, security-basics@securityfocus.com

    The software-only solution that comes to mind is Kerberos. It can be
    used to initiate encryption as well as to authenticate users and
    requires just a simple client on each user's PC to be installed.

    Sure, it's just based off a password ("something you know") and will
    never be as secure as a smart card ("something you have") + password
    implementation, but would provide a uniform means of
    authentication/encryption.

    Eric Hagen

    Jennifer Fountain wrote:

    >The powers to be want me to research an all-in-one device that can be
    >used for data encryption and password authentication. Authentication for
    >windows 2000, websites and vpn devices (such as Cisco) and file
    >encryption. Is there such an animal? Can smart cards do it all (if the
    >device is smart card compatible - I suppose) Is there a device that can
    >plug into a usb port?
    >
    >I have been looking into securid, smart cards, efs, etc but this isn't
    >good enough. It's budgeting time and they want a consolidated solution
    >that will save money. God help me.
    >
    >Any suggestions or input is greatly appreciated
    >
    >
    >Thank you
    >Jennifer Fountain
    >
    >
    >
    >---------------------------------------------------------------------------
    >----------------------------------------------------------------------------
    >
    >
    >
    >
    >

    ---------------------------------------------------------------------------
    FREE Whitepaper: Better Management for Network Security

    Looking for a better way to manage your IP security?
    Learn how Solsoft can help you:
    - Ensure robust IP security through policy-based management
    - Make firewall, VPN, and NAT rules interoperable across heterogeneous
    networks
    - Quickly respond to network events from a central console

    Download our FREE whitepaper at:
    http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
    ----------------------------------------------------------------------------

  • Next message: Steven Ouimet: "Fwd: [Intrusense VNS] 7 New Microsoft Security Bulletins"

    Relevant Pages

    • Re: New Encryption Idea
      ... secrecy is a problem with any encryption or security ... Where does end-to-end security come from? ... AES is usually not used for authentication outside of a MAC ...
      (sci.crypt)
    • Re: Wireless network connection
      ... I thought than Open/Shared was for the authentication rather then the ... and that encryption is separate (hence in XP it is 2 ... A WEP key would easily be exposed. ... does not add any security, ...
      (alt.os.linux.suse)
    • Solaris Security Summary
      ... Administering Security on the Solaris OE ... Configuration control, facility management, and system ... Authentication: The ability to prove who you are. ...
      (comp.unix.solaris)
    • Re: Encryption and authentication
      ... have encryption without authentication? ... it seems that encryption couldn't exist without authentication. ... and example is asymmetric key cryptography technology. ... http://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked ...
      (comp.security.firewalls)
    • Re: Enabling telnet, ftp, pop3 for root...
      ... Where did I say ANYTHING about not using authentication. ... You're presenting it like direct root login would be a total security ... DON'T have access to the port. ...
      (alt.os.linux)