http://technology.scmp.com/cgi-bin/gx.cgi/AppLogic+FTContentServer?pagename=SCMP/Printacopy&aid=ZZZVPVPXI0D
Friday, May 3, 2002 Interest growing in smart cards ANH-THU PHAN The Hong Kong Government's plan to introduce digital identification cards starting from next year is raising the business community's interest in using similar smart card technology for controlling access to internal computer systems, according to Pierre Pang, Hong Kong territory manager for RSA Security. One of RSA's Hong Kong clients plans to implement a trial system for 500 users in September, using smart card technology to allow employees access to the company's computer system at their desktops and kiosks. The smart-card system could eventually be expanded to cover the company's 10,000 users. Mr Pang said his office received about 10 inquiries per week about smart-card technology, but widespread adoption would depend on prices of card-reading hardware coming down dramatically. RSA, which manufactures password-generating tokens and other computer security products, recently introduced a card that can be embedded with digital certificates, as well as add-on Java programs which can be used for digital purses and other applications. The company has also added a single sign-on software product that competes with Microsoft's Passport and Sun's Liberty Alliance Project. Such products are more in demand as companies move to grant employees and customers access to more information over Web interfaces, and as governments begin to offer more services to citizens through the Internet. With single sign-on, which is often based on open technologies such as Kerberos, users can access several programs or databases without having to key in user names and passwords many times. Systems administrators can theoretically set up and manage rules for granting access to information more easily. One possible stumbling block to the implementation of such single sign-on schemes is lack of user enthusiasm and concerns over security. A recent Gartner study estimated most users of Microsoft's Passport program did not know of or use the authentication features. However, Gary Lau, an RSA technical consultant, said user acceptance of single sign-on was low because the systems only required passwords and the perception was that password security was low. Once these systems required a second factor - such as a smart card, fingerprint or digital certificate - before access was granted then people would change their view of single sign-on. -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]