Improving Security Of Handheld IT Devices
- Date:
- August 31, 2005
- Source:
- National Institute of Standards and Technology (NIST)
- Summary:
- The National Institute of Standards and Technology has recently issued two reports aimed at making it harder for unauthorized users to access information from handheld devices such as personal digital assistants. The reports describe wireless authentication mechanisms and alternatives to standard-size smart cards for restricting access to these devices.
- Share:
Handheld devices such as personal digital assistants are becomingindispensable tools for today's highly mobile workforce. Small andrelatively inexpensive, these devices can be used for many functions,including sending and receiving e-mail, storing documents, deliveringpresentations and remotely accessing data.
While their small size can be an advantage, it also can be adisadvantage since handheld devices can be easier to misplace or tosteal than a desktop or notebook computer. If they do fall into thewrong hands, gaining access to the information they store can berelatively easy. The National Institute of Standards and Technology(NIST) has recently issued two reports aimed at making it harder forunauthorized users to access information from these devices.
Proximity Beacons and Mobile Device Authentication (NISTIR 7200)describes how two different kinds of location-based authenticationmechanisms that use signals from wireless beacons can be used toauthenticate handheld device users. If the user is in an unauthorizedlocation or a location outside a defined boundary, access will bedenied or an additional authentication mechanism must be satisfiedbefore gaining access.
While many organizations use smart cards for security, they require acard reader that can be nearly as large as the handheld device. SmartCards and Mobile Device Authentication (NISTIR 7206) describes twotypes of smart cards that use standard interfaces supported by handhelddevices, avoiding the use of more cumbersome, standard-size smart cardreaders.
Both reports describe these innovative authentication mechanisms andprovide details on their design and implementation. The reports areavailable at http://csrc.nist.gov/publications/nistir/index.html.
Story Source:
Materials provided by National Institute of Standards and Technology (NIST). Note: Content may be edited for style and length.
Cite This Page: