Tuesday, September 22, 2009

Ten Risks of PKI

This is an old article but it is a good article co-authored by Bruce Schneier. For those that don't know Bruce he is a well respected and acclaimed cryptographer. As Bruce says in the first few paragraphs about the sales guys who sell PKI:
“If you only buy X,” the sales pitch goes, “then you will be secure.”
But reality is never that simple, and that is especially true with PKI.
Many times we have customers who are considering going with certificates or smart cards rather than one-time passwords (OTP) as their means of two-factor authentication. Bruce does a great job of throwing light on some of the PKI/smart card "myths". Especially true is that for any security system there are people involved:
Security is a chain; it’s only as strong as the weakest link. The security of any CA-based system is based on many links and they’re not all cryptographic. People are involved.
So if you are interested in strong authentication take a look at this article. It's worth your time.

Technorati Tags:
, , , ,

Monday, September 21, 2009

Quest and SAP Single Sign-on

Someone pointed out a blog post on SAP Single Sign-on using Quest Authentication Services to me a few weeks ago and I thought I would share it with you. The author of the blog post - Joshua Fletcher - is a Senior Business Intelligence Consultant working in Perth, Australia primarily with SAP BusinessObjects software.

Joshua pointed his readers to a very detailed SAP technical note on how to set up SAP SSO with Quest Authentication Services here (you'll need an SAP support account to login). He also issued a small plea to SAP to better document the overall procedure:
If any SAP BusinessObjects staff read this post, it would be fantastic if all this knowledge that is being captured in the SAP Support Portal could be filtered and pushed back into the standard documentation, as this sorely lacks the detail required to implement Vintela SSO.
Joshua, I passed on your blog post and your request to SAP's senior identity management staff last week when I was at their headquarters in Walldorf, Germany. Hopefully, they'll follow-up!

Technorati Tags:
, , , , , , ,