|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] NIST Services
From: Anders Rundgren (anders.rundgren
telia.com)
Date: Tue Apr 12 2005 - 11:21:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Peter,
It is a bit complex for me to digest your message, I just wanted
to express my concern that passports and such should use a
card format while remote access stuff should be based on the
best container available. What the latter is will change over time.
The NIST/PIV solution is not making use of available technology
like USB which is going to hurt this project unless there are many
other governments that intend to buy into this scheme.
I'm quite interested in NF technology which I though believe
will not reach PCs for a while. Hopefully it will get more acceptance
than Bluetooth which still is just an option. Options suck.
I actually believe that iPod will have more impact on the creation
of a new security infrastructure than the entire security industry
combined (!), as iPod need swift interfaces to PCs as well as
peer-to-peer. iPod may though turn out to be phone some
day :-)
It is really pretty weird right now. Will it get worse?
Time will tell.
Anders
----- Original Message -----
From: "Peter Williams" <home_pwmsn.com>
To: "'MUSCLE'" <musclelists.musclecard.com>
Sent: Tuesday, April 12, 2005 17:50
Subject: RE: [Muscle] NIST Services
Anders!!
I'm surprised at the generality of the claim, given your usual focus on the
mobile phone as the universal token (an obviously appealing notion.) Would
you not support phones with near-field transport? For peer-peer data
transport and device enumeration? This gets past the whole legacy of
7816-based half-duplex signaling, and the whole proprietary terminal
business imposed by VISA/VeraPhone etc to bias the infrastructure for the
card issuers benefit)
We are now manufacturing some tiny low-power Near Field USB tokens (courtesy
of Phillips), if anyone wants to pay to manufacture a dozen, to play - as
developers. They are also mifare responsive (separate circuit), for use in
physical access control.
If you want to talk to an early-stage NF "complete-system" supplier in the
US (ie. go beyond playing with our NF dongles), we can direct that contact
too. If anyone is at CT/ST in Las Vegas (US) on Wednesday, lets chat!
Obviously, a dongle is not enough for a working solution: it has to fit with
the fixed terminal, the phone, the card/dongle/phone provisioning and key
management system, the mifare sensors on billions of office doors, etc.
Peer-peer NF enumeration and wireless bus transport, plus end-end GP SCP-2
security, plus OTAR and off-issuer application loading with GP DAP controls.
Now, there we have a more realistic basis...one that incorporates the
potential of the universal bio handset (the finger-swipe enabled phone!)
We have a set of working finger-swipe dongles to play with too, if any
wants: there are different parameters and behaviors obviously, for the
different sensor and swipe device classes. They use our own off-card match
and user enrollment software, for the bio recognition stuff. They are being
sold now heavily in ...urr... Scandinavian banks.
Would be fun to make a device that links the three streams of work together
- NF mobility, plus bio-swipe, plus a NF-based "match-on-peer" - where the
phone's DSP is the peer for performing the match.
> -----Original Message-----
> From: muscle-bounceslists.musclecard.com [mailto:muscle-
> bounceslists.musclecard.com] On Behalf Of Anders Rundgren
> Sent: Tuesday, April 12, 2005 4:57 AM
> To: MUSCLE
> Subject: Re: [Muscle] NIST Services
>
> Ok, So lets get political!
>
> To mix physical access based on biometrics with remote (a.k.a. logical)
> access
> based on "keys" is not such a terribly good idea as these uses constrain
> each other.
lman/listinfo/muscle
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]