BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 09-13-2006, 12:12 PM   #1 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Mar 2005
Location: Washington DC
Model: all
Carrier: All carrier's
Posts: 315
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default two way factor authentication...

Please Login to Remove!

okay, ladies and gents...

big brother...any bes admins have any CHEAP ideas on how they are going to implement Two way factor authentication for their handhelds.

I just got my tap on the should from my CIO...

here some info
OMB order accelerates efforts to protect remote access and personal information


I"m all ears...lets talk about it.
Offline  
Old 09-13-2006, 02:13 PM   #2 (permalink)
Knows Where the Search Button Is
 
Join Date: Jul 2006
Model: 7290
Carrier: T-Mobile
Posts: 36
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

We're waiting on some of the big boys to implement the Bluetooth Smart Cards before we weigh in. Although for government you should only need two factor authentication if you are shooting for devices required to meet level 3 or 4 standards under FISMA, at least thats my understanding.

I'd also be interested in hearing if anyone has implemented, or knows of alternatives to the smart cards.

Are you using content protection as well?
Offline  
Old 09-14-2006, 09:50 PM   #3 (permalink)
Knows Where the Search Button Is
 
Join Date: Nov 2005
Model: 7290
Posts: 32
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

BES 4.1 has two factor auth.
Offline  
Old 09-15-2006, 05:25 AM   #4 (permalink)
Knows Where the Search Button Is
 
Join Date: Sep 2006
Location: UK
Model: 8800
PIN: uh uh
Carrier: many
Posts: 44
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I like the idea of two factor authentication but I think RIM's smartcard is way overpriced at $199.

I also dont quite understand the path they have chosen. Surely if the card is within bluetooth range then that is one factor authentication and the standard password is the second factor. By making the user press a button on the smartcard to reveal a unique password which the user has to then enter on the handset makes it three factor authentication surely? TBH, it sounds like a nightmare - especially if a low Periodic Challenge time rule is applied as would be the case if you were a government or concerned about security.

Why not just authenticate if the smartcard is within range of the handset in the same way that plugging in a USB dongle into a PC as a means of authentication?
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

2SC756 SONY Transistor rf power output C.B. radio qty (1) nos
$15.0
2SC756  SONY Transistor rf power output C.B. radio qty (1) nos picture10Pcs Bd681 Darlington Npn Mit Diode 100V 4A 40W New Ic R
$1.05
10Pcs Bd681 Darlington Npn Mit Diode 100V 4A 40W New Ic R picture5Pcs Dip-14 Ti Chip And Gate Dip14 Cd4081be Cd4081 Quad 2 Input Or New Ic Y
$1.32
5Pcs Dip-14 Ti Chip And Gate Dip14 Cd4081be Cd4081 Quad 2 Input Or New Ic Y picture10Pcs Sop-8 Lm311 Diff Comp W/Strobe 8Sop New Ic F
$1.65
10Pcs Sop-8 Lm311 Diff Comp W/Strobe 8Sop New Ic F picture50Pcs 2N3819 3819 Transistor Rf Nch 25V To-92 New Ic J
$19.87
50Pcs 2N3819 3819 Transistor Rf Nch 25V To-92 New Ic J picture






Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.