Security with bite: 15 technologies tested

Summary:In this special review, we round up the various authentication devices on the market. From fingerprint scanners, to single sign-on software and biometric technology -- we have the authentication market covered.


Contents
Introduction
Authentication vs authorisation
Passwords and token devices
Single sign-on
Smartcards/Proximity Cards
Smartcards (cont.)
Biometrics
Biometrics (cont.)
Digital Certificates/Signatures
Notebook with fingerprint scanner
Vendors
About RMIT

Smartcards/Proximity Cards

Smartcards and proximity cards have been around for many years.

Proximity or magnetic cards (mag cards) traditionally have been used more for physical access controls rather than for the authentication of people. Smartcards have been used for everything from mobile phone SIMs, to satellite decoders.

Smartcards are now becoming quite popular for use in authentication technologies providing the something a user has factor of authentication. So while it technically is possible to steal or copy a user's smartcard it adds another level of complexity to the equation for those with malicious intentions.

Smartcards, like mag cards, can also be printed on and used as company and photo IDs for security checkpoints and visual user identification.

Smartcards can also be used for storing biometric information or digital signatures/certificates and encryption/VPN codes.

The benefits of storing these types of information on a smartcard are fairly significant; firstly it removes the need for that information to be stored all together in a single database. It also removes the need to send that information from a server to a client where it may potentially be intercepted by a man-in-the middle attack; this is particularly relevant in the case of encryption handshaking.

Many vendors are now integrating smartcard readers into some of their devices such as HP and Acer in their notebook range. In a review we performed last year Sun Microsystems had a thin client terminal (Sun Ray 150) which used smartcard technology not only for authentication but in an innovative way by switching the entire user environment from one terminal to another terminal simply by unplugging the card and plugging it into another terminal.



Vendor Keycorp
Web www.keycorp.net
Phone 02 9414 5200
Technology Smart cards
Model SCB Single Sign-On and SCB Secure Logon
Price N/A
 
Interoperability
½
SSO and Secure Login using smart cards is made relatively simple across a range of platforms with Keycorp’s system.
Futureproofing
½
Having to present something in combination with a password is definitely better than just requiring a password.
ROI
Reasonably priced particularly when considering the peace of mind and security a well designed and deployed smart card solution provides the enterprise.
Service
½
12-months warranty. Pricing includes 30-days e-mail helpdesk support.
Rating


Vendor Sun Microsystems
Web www.au.sun.com
Phone 1800 628 19
Technology Thin client with smart card reader
Model Sun Ray 150

Price AU$1050
 
Interoperability
Supports all the common thin client operating standards. Note however that it must run in conjunction with a Sun server in the backend.
Futureproofing
½
Runs Sun’s O/S which has everything anyone could wish for.
ROI
Excellent price for the features. Remember it includes a LCD monitor and a smart card subsystem.
Service
5 years is excellent.


Rating
½

Topics: Security, Hardware, Health, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.