Russian tokens
On the " Softula " went to a couple of interesting stands on information security, namely, hardware security keys. Outwardly, they resemble ordinary USB flash drives - in fact, they will connect to the computer via USB, allowing you to authenticate the user and unlock the security system.
In my opinion, such keys (or USB tokens) are the best mass solution for information security in terms of such parameters as protection efficiency (including theft / interception of access keys), price, and user convenience. Unfortunately, I do not have my own office (:-)) where I could implement such a system, so it remains to follow the development of technology from the outside. And the technology of hardware keys is developing quite interestingly - what the stands of the companies representing these solutions at the “Softul” exhibition told about.
One of the main exhibits of the Aktiv stand was the Rutoken keys with a built-in radio frequency tag . Thanks to this tag, they can be used instead of a smart card to access the premises:
')
Thus, Rutoken RF is an element of comprehensive protection: one key serves to access the premises and to access the computer. And this means that the attacker will not be able to use the computer in the absence of an employee at the workplace: to leave the premises, you need to pull the token from the computer's USB port and bring it to the lock receiver at the door, and when the token is disconnected from the computer's USB port is blocked. Very elegant and, I would even say, a beautiful solution.
At the stand of another well-known Russian company that has been working in this field for a long time - “ Aladdin ” - RF-tokens were not advertised, although they also exist in the company's product range. Aladdin presented USB tokens of a rather intriguing look — with an LCD screen:
This is the eToken NG-OTP , and the LCD screen is the display of the embedded one-time password generator (as the company claims, this is “the first USB key for information security based on a smart card chip with a one-time password generator (OTP - One Time Password) "). These passwords are especially relevant when a user is working remotely, for example, an employee who is at the computer in a hotel or client's office. The password generated by the token is valid only during the current session; if this password is intercepted (after all, it is impossible to be sure that someone else’s computer is safe), then the attacker will not be able to use it - the password will lose its relevance. Supported by Microsoft ISA Server; In fact, authentication via eToken NG-OTP is analogous to VPN - but without setting up a computer and generally installing any additional software, which is very important while working at someone else's computer.
It is also worth mentioning such a logical development of tokens as a combination of a hardware key and a flash disk ( eToken NG-FLASH ): you get both an authentication tool and a secure storage of confidential information; After all, for USB-drives, which often fall into the hands of strangers, the question of preserving the information stored on them from prying eyes is very relevant.
In my opinion, such keys (or USB tokens) are the best mass solution for information security in terms of such parameters as protection efficiency (including theft / interception of access keys), price, and user convenience. Unfortunately, I do not have my own office (:-)) where I could implement such a system, so it remains to follow the development of technology from the outside. And the technology of hardware keys is developing quite interestingly - what the stands of the companies representing these solutions at the “Softul” exhibition told about.
One of the main exhibits of the Aktiv stand was the Rutoken keys with a built-in radio frequency tag . Thanks to this tag, they can be used instead of a smart card to access the premises:
')
Thus, Rutoken RF is an element of comprehensive protection: one key serves to access the premises and to access the computer. And this means that the attacker will not be able to use the computer in the absence of an employee at the workplace: to leave the premises, you need to pull the token from the computer's USB port and bring it to the lock receiver at the door, and when the token is disconnected from the computer's USB port is blocked. Very elegant and, I would even say, a beautiful solution.
At the stand of another well-known Russian company that has been working in this field for a long time - “ Aladdin ” - RF-tokens were not advertised, although they also exist in the company's product range. Aladdin presented USB tokens of a rather intriguing look — with an LCD screen:
This is the eToken NG-OTP , and the LCD screen is the display of the embedded one-time password generator (as the company claims, this is “the first USB key for information security based on a smart card chip with a one-time password generator (OTP - One Time Password) "). These passwords are especially relevant when a user is working remotely, for example, an employee who is at the computer in a hotel or client's office. The password generated by the token is valid only during the current session; if this password is intercepted (after all, it is impossible to be sure that someone else’s computer is safe), then the attacker will not be able to use it - the password will lose its relevance. Supported by Microsoft ISA Server; In fact, authentication via eToken NG-OTP is analogous to VPN - but without setting up a computer and generally installing any additional software, which is very important while working at someone else's computer.
It is also worth mentioning such a logical development of tokens as a combination of a hardware key and a flash disk ( eToken NG-FLASH ): you get both an authentication tool and a secure storage of confidential information; After all, for USB-drives, which often fall into the hands of strangers, the question of preserving the information stored on them from prying eyes is very relevant.
Source: https://habr.com/ru/post/14886/
All Articles