Firms need to adopt technologies such as smart cards and digital certificates, says analyst
By Andy McCue
Published: 16 September 2003 15:09 GMT
Businesses must adopt stronger user authentication technology, such as smart cards and digital certificates, if they are to take advantage of emerging web services, according to a report by the Butler Group.
The research, Identity and Access Management, says traditional username and passwords are not secure enough for the next generation of online services and are also becoming too difficult and costly to manage both for network managers and end-users.
"On its own the password is no longer a secure authentication mechanism. One of the problems with today's computer systems is that everybody in the online world is required to be an administrator, not least having to register and enter profile information at every website visited," said the report.
Industry standards are vital to the wider adoption of stronger security technologies and Butler Group predicts that the WS-Security standard, backed by the likes of IBM and Microsoft, will become as pervasive as TCP/IP currently is.
Web services will be one of the main drivers for businesses moving to stronger authentication methods.
The report said: "Without a streamlined and effective identity management process, organisations will never be able to fully utilise the web services model. It is essential that companies move to an identity-centric approach where the focus is on authentication to reduce risk, rather than relying on the current mechanisms of perimeter control and detection."
Firms should in particular look at security technologies that interoperate with portals, with Butler Group predicting this will be the mechanism most users and customers will interact with an organisation.
Smart cards and digital certificates are the best authentication methods recommended by the analyst group but the report warns that biometrics are still some way off achieving the necessary levels of reliability. The report also attacks the UK government's plans for a national biometric ID card, calling it an "inappropriate use of this technology".
Wireless standards IEEE 802.11A/B/G standards and wireless encryption techniques such as WEP, WPA and Radius Authentication. PC operating systems ...
Customer support:~ Provide 2nd level support to the customer support centres~ Ensure that problems are escalated to 3rd level support areas in a ...
This may include the creation of particular screens and/or scripts for integration with application to pass authentication variables. The successful ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business