>Have you looked at the feasibility of using an established solution like >RSA SecurID instead of creating your own? Yes - but not soooooo into depth - just technical things. But many parts of this SW package is limited only to windows OS (big problem) - and I didn't find the price. Knows anyone ? Initially 1 server, ~300 users, ~100 devices. But I guess, it will be pretty expensive toy. >Are you really planning on building your own custom calculators and >encyption mechanisms? Not only does this strike me as unsafe, but I >doubt it would be cost effective. Build custom hardware is pretty easy. You can buy piece of HW with display/keyboard. Enough is to insert CPU basically. Program should be verry simple, so, fast to develop (I guess ~5 days to implement some good cipher+dictionary based thing and other things - like communication). About security/safe. You are right. But I belive, we have enough resources/knowledge to build it quickly and secure. We allready made many other security based things, but for pretty different purposes. This is first time, when I am going to develop 'similar' thing like this one - that why I am writing this text anyway :) But it is not first time, when we are playing with hardware/design. So, build 'calculator' is the smallest problem in whole process. Really. Ofcourse, if there will be some good product, with resonable price, which will fit our (I think simple) needs, ... :o) Then I will for sure try/select it. We had to make our own 'busines solution' - and only because there weren't something, what fit our need. And if yes, then it requires Windows or something. And were big/slow/hard to use. We had to make own. And it were a lott of work. If you will compare work, which had to be putted into system with 'security' .... But it were still cheaper than 'buy' some big solution and let make some changes for us. I am not big fan of big and complicated system. >The only way I could see this as a reasonable approach is if you were >trying to come up with a sellable product that would compete with the >likes of RSA. But it sounds like your product is the services on your >web site, not key tokens and safe crypto. If you develop SOME product, it can be divided into 4 periods: 1. design 2. creating 3. prepare for distribution 4. selling - create relevand distribute channels, make 'busines' around - promote, setup busines strategy/... From our experimence, I can say, that 1 and 2 is 40% of time. Next 60% takes these things - preparing product, etc etc. You can have WORKING product (well working) - but still 'far' from 'sellable' thing... Probably every bigger company have many 'internal' solutions, which are not selled at all. And we are not exception. For 'us' it will be verry nice price. If we will start selling, price will go up. Probably lees then gigants in security, but it can be 'compared'. And if you can compare price between 'big known security company' and 'hardware/network company', what you will select ? We builded own busines solution. But make from it sellable product, will cost MANY MANY next money (work). And question is: will someone else need what were good for us ? So, primary it is for internal solution, who knows if someone need similar SIMPLE thing.... Best regards, Lada 'Ray' Lostak Unreal64 Develop group http://www.unreal64.net
This archive was generated by hypermail 2b30 : Wed Apr 17 2002 - 15:04:32 PDT