Security Basics mailing list archives
R: Worldwide authentication
From: "Alessandro Bottonelli" <abottonelli () libero it>
Date: Fri, 18 Oct 2002 19:46:59 +0200
-----Messaggio originale----- Da: Marty [mailto:marti () videotron ca] Inviato: giovedì 17 ottobre 2002 14.39 A: security-basics () securityfocus com Oggetto: Worldwide authentication They don't necessarly own portable PCs.
So we assume PC cafe public terminals, friends or collegues PCs, etc.
We need to authenticate the users to let them access data from the mainframe.
A WEB front end will solve the problem that they do not necessarily have their own PC (and their own client application).
Note that the data is very sensitive.
OK, SSL for data encryption and "strong authentication" shall be called into service ...
What is the (esiest/not too expensive) solution?
For traffic encryption SSL. For authentication I would go with ID Cards (those with an LCD Display that changes every minute). They do not require an interface with the system (which could be any kind of system you said before...) and are reasonably priced. Do not forget that your application should be able to disconnect idle users and leave nothing in the clear on the client PC (since it is not necessarily owned by your user). -- Alessandro Bottonelli A.Bottonelli () axis-net it (professional) ABottonelli () libero it (personal)
Current thread:
- Re: encrypt ftp service?, (continued)
- Re: encrypt ftp service? Brad Arlt (Oct 16)
- Re: encrypt ftp service? J . Reilink (Oct 16)
- RE: encrypt ftp service? Robert Sieber (Oct 16)
- RE: encrypt ftp service? Mark Stunnenberg (Oct 17)
- Re: encrypt ftp service? Dennis Durling (Oct 17)
- Re: encrypt ftp service? James Dennis (Oct 17)
- RE: encrypt ftp service? Robert Sieber (Oct 16)
- RE: encrypt ftp service? Mark Stunnenberg (Oct 17)
- Re: encrypt ftp service? Chris Berry (Oct 16)
- Worldwide authentication Marty (Oct 17)
- R: Worldwide authentication Alessandro Bottonelli (Oct 21)
- Worldwide authentication Marty (Oct 17)
- Re: encrypt ftp service? brien mac (Oct 16)
- RE: encrypt ftp service? Trevor Cushen (Oct 17)