Since RSA has finally admitted publicly that the March breach into its systems has resulted in the compromise of their SecurID two-factor authentication tokens, organizations using tokens should consider additional measures for safeguarding their information and securing their network infrastructure, according to Wave Systems.
Top reasons why device identification should be central to your security:
- User identification with digital certificates, biometrics, one-time password tokens and smartcards may not be enough to prevent many types of breaches.
- When the device is known, IT can have a higher degree of confidence that information is being accessed by an authorized user.
- Device identification can mitigate the risk of unknown devices intentionally or unintentionally infecting the network.
- User authentication is stronger when the device is provided as an independent second factor, since two completely independent, parallel authentication systems together offer stronger security than either does alone.
- Known devices will play an integral role in securing the cloud, defending against advanced persistent threats and securing mobile devices.
Traditional approaches to device identification rely on MAC addresses and software-held user credentials to identify a device on the network. This leaves them open to attack, because both MAC addresses and software-based credentials can be spoofed; another device can simply claim the same MAC address, for instance.
A better approach for device identification is through the use of the Trusted Platform Module (TPM). The TPM is a cryptographic security chip developed using a specification from the Trusted Computing Group (TCG).
Among its many security features, the TPM can create, sign with and store keys, which can be used to bind both the machine and its users strongly to that particular device. Because the authentication keys are stored and protected within the hardware, they cannot be changed or stolen by malware.
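The following Go program is an added illustration of the challenge-response device identification described above; it is not code from Wave Systems or the TCG. The TPM-held private key is simulated in software (an assumption of the example), but the structure is the point: the server enrolls a public key per device, and a connecting machine must sign a fresh nonce with the matching private key, so merely claiming an enrolled MAC address is not enough.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Device models an endpoint whose identity key lives in a TPM. The private half is
// simulated in software here (an assumption) and is never exported: only Sign and Pub.
type Device struct {
	MAC  string
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewDevice(mac string) *Device {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Device{MAC: mac, priv: priv, Pub: pub}
}

// Sign answers a server challenge with the hardware-held key.
func (d *Device) Sign(nonce []byte) []byte { return ed25519.Sign(d.priv, nonce) }

// Registry is the server-side enrolment table: claimed MAC -> enrolled public key.
type Registry map[string]ed25519.PublicKey

func (r Registry) Enroll(d *Device) { r[d.MAC] = d.Pub }

// NewNonce issues a fresh random challenge so a captured signature cannot be replayed.
func NewNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Verify admits a device only if the claimed MAC is enrolled AND this nonce was
// signed by the key enrolled for it; a spoofed MAC without the key fails.
func (r Registry) Verify(claimedMAC string, nonce, sig []byte) error {
	pub, ok := r[claimedMAC]
	if !ok {
		return errors.New("unknown device")
	}
	if !ed25519.Verify(pub, nonce, sig) {
		return errors.New("signature does not match enrolled key")
	}
	return nil
}
```

In a real deployment the signing call would be made through the TPM's API against a non-migratable key, and the enrolled public key would be tied to an attestation of the TPM itself rather than recorded on trust.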
Benefits of the TPM include: persistent protection of identity information (keys); broad deployment (nearly half a billion TPMs have already shipped on PCs); and a low total cost of ownership, as there is no additional hardware to acquire or deploy.
One of the biggest hurdles preventing more widespread usage of the TPM has been a relative lack of awareness. But this is beginning to change.