Balancing Customer Privacy with Strong Authentication - PowerPoint PPT Presentation

Slides: 12
Provided by: david86

Transcript and Presenter's Notes

1
Balancing Customer Privacy with Strong Authentication
  • David Strom
  • david_at_strom.com
  • (516) 944-3407
  • TISC Boston 11/13/1999

2
The challenge
  • Customers want simplicity
  • Store operators want security

3
The old method: SSL/credit cards
  • How to deal with returning customers?
  • How to deal with breaks in shopping session?
  • How to deal with peak loads?
  • Are they really secure? (Perception vs. reality)

4
Current authentication methods
  • Passwords
  • Cookies
  • Database logins
  • Certs and PKI infrastructure
  • Single sign on system products

5
Keeping track of passwords is tough
  • We all have too many of them
  • Where to store them?
  • Using same strings can compromise security
  • Different sites have different requirements for
    length, numeric characters, etc.

6
Technology to the rescue
  • Lucent Web Assistant (lpwa.com:8000)
  • Compuserve RPA (www.compuserve.com/rpa)

7
Cookies
  • Not everyone likes them (I do)
  • Not good if you use multiple machines or use
    a public PC
  • Not good when you upgrade/change browsers

8
Do you really want to do this?
  • Set up CA server
  • Generate a secure root CA
  • Train Reg Authorities to manage certs
  • Develop customer cert policies

9
Solution: Single sign-on systems
  • Password synch
  • Login automation/scripting
  • Centralized security admin
  • Kerberos/tokens
  • Web interfaces?

10
Products
  • Axent WebDefender
  • CyberSafe TrustBroker Suite
  • enCommerce
  • Gradient NetCrusader
  • HP Praesidium Domain Guard
  • IBM Snare Works
  • Internet Dynamics Conclave
  • Netegrity SiteMinder
  • Security Dynamics Technologies Keon Suite

11
Panel
  • Deepak Taneja, Netegrity
  • Michael Onders, enCommerce