- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
JanRain Monday introduced two-factor authentication that taps into a standard telephone or cell phone to beef up security on its user-centric identity technology.
The company made the announcement ahead of the opening of the Internet Identity Workshop going on this week in Mountain View, Calif.
JanRain and Positive Networks introduced CallVerifID, an extension to JanRain's myOpenID, which anyone can get for free, that makes the telephone an integral part of secure sign-on. Positive Networks' PhoneFactor service, a phone-based authentication service, is the foundation of the telephone add-on.
Multi-factor authentication, which is more secure than a simple user name and password, includes something you are, something you have and something you know. With JanRain's two-factor system, the telephone becomes the "something you have."
User-centric identity is an emerging identity system that puts users in control of their own identity information. It is designed to give users a single identity to use on the Internet to replace multitudes of user names and passwords that must be remembered for each Web site.
Examples include models such as LiveID, OpenID and InfoCard systems including Microsoft's CardSpace (XP and Vista) and Novell's Digital Me.
Last summer, the Burton Group and the Open Source Identity System (OSIS), hosted a demonstration showing interoperability among user-centric identity systems from major vendors, start-ups, one-woman projects and open source hackers. The OSIS is a working group within the Identity Commons project to unite the leaders of open source efforts around digital identity. The OSIS steering committee includes Microsoft, IBM, Novell, Oracle, CA, VeriSign, NetMesh, Cordance, Parity, Sxip, Ping Identity and Nulli Secundus.
In March, IBM began a three-year project to infuse privacy controls into identity technologies, including user-centric models and emerging social networking communities.
OpenID is an open standard for shared identity services, which enables users to log on to multiple Web site with the same credential. OpenID empowers users to control when, where, and how they share personal information.
One of the knocks against the user-centric model, however, is that it is not secure enough to be used as an access control to sensitive data.
Rss FeedRss Feed
IBM spent all that money on a mass rollout of PGP Whole Disk Encryption, just when its discovered that...- Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment