I have also been investigating this issue from the angle of securing data on Palm or any other handheld devices. The root of the problem is balancing security and usability of the device. Physical access is the number one problem. I can secure physical access to routers and switches, thereby allowing a maintenance mode to recover access to a device. The problem with handheld devices is this model doesn't work because I can't secure phyical access to the device. It's much easier to steal or misplace a palm device than a cisco router. :-) So, how does one go about designing a solution that will secure the data on the handheld while enabling a maintenance recovery mode? Then in addition accessing the device must be simple and reliable to use in the field. There are several obstacles on this path. The first is I haven't been able to find any reliable cyrptographic solution that a backup synchronizer like the Palm desktop Hot sync will recognize. As the old saying goes " Encrypting something is easy. Reading it later is the hard part." I'm interested on other's thoughts on this issue. Cheers: -arc Arley Carter arcat_private Tradewinds Technologies, Inc. www.twinds.com Winston-Salem, NC USA Network Engineering & Security 336-817-9554 ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 06:15:24 PDT