Re: Security Ideas for new App I'm Building?
- From: mak <mak@xxxxxxxxxx>
- Date: Fri, 10 Aug 2007 10:42:22 +0200
tekiegreg wrote:
Hi there, I'm currently a developer hired out to a multi-unitOTP with hardware token , for instance RSA.
franchisee in the Fast Food industry. Currently I'm building an
application that will be deployed to all our stores. Each store will
be running an application that will be connecting to a central server
here at the home office. Logins of some sort will be needed for each
store manager, but how to login has been a problem. The main issue
has been that the store managers have had a nasty tendency in the
past
to share usernames/passwords with people in the store that they
shouldn't, compromising security. So a standard user/pass won't do
necessarily. Our thoughts have already run as follows:
1) What about fingerprints? We've tried that, but had problems with
them in the past with greasy smudges on people's fingers proving
difficult for the scanners to authenticate properly.
2) Voice recognition? Nope, too much background noise in these stores
(and seeing as it's fairly constant and loud, often anyone gets in!)
3) Video recognnition? Is it good enough yet? Reasonably priced as
well?
So in a nutshell, what would you be thinking about? I'll probably
use
Client Certificates to authenticate the computer, but granted only
store managers are allowed in, we need to restrict to themselves
only. Hoping for some ideas here, thanks!
store manager is responsble for the token to be always on his body, like his ID or key.
like other people suggested, make the managers sign this new policy.
M
.
- Prev by Date: Re: Any Good Book To Start ?
- Next by Date: Re: Is there such thing as a multi-host security certificate?
- Previous by thread: Re: Security Ideas for new App I'm Building?
- Next by thread: pre-encrypted web pages
- Index(es):
Relevant Pages
|
|
