[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [emergency] CAP Visualization (was RE: CAP Developers' Forum...)
> I am curious about the different approaches that are evolving or being > proposed for determining who are the authorized CAP message originators > across various implementation communities and how developers are intending > to authenticate their messages when processing CAP. This topic would be a > great addition for the implementers guide! We're currently using smartcards, both for application access, and data decryption / targeting of files to certain recipients. These are locked to a single PC, changing the 'what you have/what you know' paradigm to one of 'what you have/what you own'. ;) Now, while it is trivial to secure a piece of data and deliver it to a certain user (as well as allow the user to verify signatures) on a one-way network (symkeys and hashes are basically wrappered with RSA into 'packages') -- i.e. the package and the pipe is secure -- the main issue (as you mention) is how do we ensure that the content itself is legit. Right now users have to sign in to generate CAP alerts at our headend over a ssl w3 interface. So in terms of an end-to-end entity it is secure in its containment. But what about data that enters the system from 3rd parties... I'd be curious to hear others' thoughts on these issues. Also, what is the level of security required? We could go so far as to say that SSL and session logins are unacceptable since we have no way of telling if it is someone else using the legit user's user/pass -- what's the tradeoff/sweet-spot for CAP? Sorry for the rambling. Cheers Kon *********************************************************************************** Information contained in this email message is intended only for use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the postmaster@nds.com and destroy the original message. ***********************************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]