> -----Messaggio originale----- > Da: Marty [mailto:marti@;videotron.ca] > Inviato: giovedì 17 ottobre 2002 14.39 > A: [EMAIL PROTECTED] > Oggetto: Worldwide authentication > > > They don't necessarly own portable PCs. > So we assume PC cafe public terminals, friends or collegues PCs, etc.
> We need to authenticate the users to let them access data from the > mainframe. > A WEB front end will solve the problem that they do not necessarily have their own PC (and their own client application). > Note that the data is very sensitive. > OK, SSL for data encryption and "strong authentication" shall be called into service ... > What is the (esiest/not too expensive) solution? > For traffic encryption SSL. For authentication I would go with ID Cards (those with an LCD Display that changes every minute). They do not require an interface with the system (which could be any kind of system you said before...) and are reasonably priced. Do not forget that your application should be able to disconnect idle users and leave nothing in the clear on the client PC (since it is not necessarily owned by your user). -- Alessandro Bottonelli [EMAIL PROTECTED] (professional) [EMAIL PROTECTED] (personal)
