Re: [SUMMARY] Can SecurId be used to protect client-server TCP/IP connections?
From: Kevin Johnson <kjj_at_pondscum.phx.mcd.mot.com>
Date: Wed, 19 Jan 1994 17:03:41 GMT
Message-ID: <KJJ.94Jan19100343_at_pondscum.phx.mcd.mot.com>
October last year I asked the news groups comp.client-server, comp.databases.oracle and comp.security.misc if anybody had used SecurID cards and software to protect client/server connections (and in particularfor ORACLE and SQL*Net). A number of people reacted to this and it is now more than time for this summary.
At this moment C/S cannot be protected with a device like SecurID. In other words: if user authentication is required, you're tied to the OS login strengthened with SecurID or something similar. The answers from Marcus Ranum, Mark Johnson and Security Dynamics could be reason to hope for a "safer" C/S in another two or three years.
Date: Wed, 19 Jan 1994 17:03:41 GMT
Message-ID: <KJJ.94Jan19100343_at_pondscum.phx.mcd.mot.com>
In article <ks.58.000D2B81_at_ic.uva.nl> ks_at_ic.uva.nl (Karel Sprenger) writes:
Introduction
October last year I asked the news groups comp.client-server, comp.databases.oracle and comp.security.misc if anybody had used SecurID cards and software to protect client/server connections (and in particularfor ORACLE and SQL*Net). A number of people reacted to this and it is now more than time for this summary.
[MEAT DELETED]
The conclusions (so far)
- Security Dynamics ACE server should be looked into.
- Oracle and other vendors should be requested to provide sufficient hooks to add this kind of functionality.
- There may be the old (?) problem of US export controls on encryption and athentication code.
[MORE MEAT DELETED]
Conclusions
At this moment C/S cannot be protected with a device like SecurID. In other words: if user authentication is required, you're tied to the OS login strengthened with SecurID or something similar. The answers from Marcus Ranum, Mark Johnson and Security Dynamics could be reason to hope for a "safer" C/S in another two or three years.
-- #include <std_disclaimer> "Frank Zappa is dead - the world is a duller shade of gray" - me .-----------------------------------------------------------------------------. | Kevin Johnson kjj_at_phx.mcd.mot.com | | Information Technologies Network Administrator Motorola MCG | | MCG postmaster, MCG Network Security Administrator |Received on Wed Jan 19 1994 - 18:03:41 CET