Skip to main content

the-keychain-issue

I think awareness of the 'key chain' issue is increasing, which makes me happy. First, there was a post on ask.slashdot about carrying around multiple tokens and today, there was a post on the PingIdentity blog entitled Overcoming Keychain Issues with Strong Auth. He lists four possible solutions to the problem:
1. Centralized Token Service - Local authentication for username/password and a centralized service for token validation.
2. Distributed Validation System - Same as above but use a TLS (Token Lookup Service) or a cached list to find a provider to validate the token.
3. Credential Wallet System – Use a phone and has a soft cred/otp manager to get a token. Each enterprise maintains their own otp validation server.
4. Federated Identity Model – Standard IdP/SP trust model. However, identities (and not just OTP) have to be shared.

This awareness is good for us because WiKID will work under all of the scenarios listed (and is essentially a #3 though we also have a PC client). It can work in a federated model or each enterprise can have their own authentication server. Because the token uses public key crpytography, there is no reduction in security when you create relations with multiple authentication servers.
Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom