August 16th, 2002, 09:04 AM
Promising authentication tool....
Bell Labs has developed a two part authentication system that seems to be very promising. It's actually 2 pieces of software, and it stores all of the user credentials on the network (software piece #1) instead of the client machine. The second piece of software resides on the client machines and is used to enter a username and password. It then sends a request to the network to retrieve the key, which resides in RAM instead of the hard drive. Bell originally developed this as a part of their 'Plan 9' OS (why they named it after a b-grade sci-fi flick I'll never understand), but are distributing it for free and say that it can easily be ported to unix, windows, linux and solaris. Read the article from eweek magazine or take a look at the download site.
Bell Labs Plan 9:
EDIT: IF you can get your hands on the print edition, the article there is much more detailed than the online version.
It isn't paranoia when you KNOW they're out to get you...
August 16th, 2002, 09:50 PM
Personally I'm not to fond of sentralized storage of personal data. This thing reminds me of the MS passport & wallet. I just don't trust a third party with imortant data like internet bank passwords etc. But I must admit the data seems quite safe, afterall they are encrypted with a secret key only I would know.
Still I think PKI & digital certificates stored on smart cards (or tokens) is the right way to go. They've started developing tokens which does all the encryption & decryption inside the smart card, so that the private key will never leave the card. That's even better than putting information into RAM!
Good post though!