Access your Pro+ Content below.
Examining device-based authentication
This article is part of the August 2003 issue of Information Security magazine
Driving the authentication down toward Layer 2 of the network invokes the question, "Can we authenticate the machine as well as the user?" Here's the idea: Using a unique footprint or ID from the machine itself provides a reliable way to control access, because it enables companies to lock out any unauthorized machine. Steal the machine but don't know the password? The machine gets cut off from network access. Steal the password but not the machine? Again, no access. So, when used together, passwords and machine IDs give companies strong security without the need deploying smart cards, tokens or other devices that users can misplace or break. As appealing as this solution is, the offerings in the market for it are still quite new. But with major players such as Microsoft, Intel, Hewlett-Packard and IBM involved, it may gain traction. These companies, with others, formed the Trusted Computing Group (TGC) in April to "develop and promote open industry standard specifications for trusted computing hardware building blocks and ...
Features in this issue
Choosing a VPN has become a complex undertaking. Lisa Phifer examines how SSL VPNs match up with their older IPSec cousins.
A global minerals firm seeking secure remote email tested other systems before choosing an SSL VPN.
Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.
Lisa Phifer separates the truth from fiction about VPNs.
Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.
Columns in this issue
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.