Security Ideas for new App I"m Building?

Hi there, I'm currently a developer hired out to a multi-unit
franchisee in the Fast Food industry. Currently I'm building an
application that will be deployed to all our stores. Each store will
be running an application that will be connecting to a central server
here at the home office. Logins of some sort will be needed for each
store manager, but how to login has been a problem. The main issue
has been that the store managers have had a nasty tendency in the
past
to share usernames/passwords with people in the store that they
shouldn't, compromising security. So a standard user/pass won't do
necessarily. Our thoughts have already run as follows:

1) What about fingerprints? We've tried that, but had problems with
them in the past with greasy smudges on people's fingers proving
difficult for the scanners to authenticate properly.


2) Voice recognition? Nope, too much background noise in these stores
(and seeing as it's fairly constant and loud, often anyone gets in!)


3) Video recognnition? Is it good enough yet? Reasonably priced as
well?


So in a nutshell, what would you be thinking about? I'll probably
use
Client Certificates to authenticate the computer, but granted only
store managers are allowed in, we need to restrict to themselves
only. Hoping for some ideas here, thanks!

Re: Security Ideas for new App I"m Building?

tekiegreg writes:
> Hi there, I'm currently a developer hired out to a multi-unit
> franchisee in the Fast Food industry. Currently I'm building an
> application that will be deployed to all our stores. Each store will
> be running an application that will be connecting to a central server
> here at the home office. Logins of some sort will be needed for each
> store manager, but how to login has been a problem. The main issue
> has been that the store managers have had a nasty tendency in the
> past
> to share usernames/passwords with people in the store that they
> shouldn't, compromising security. So a standard user/pass won't do
> necessarily. Our thoughts have already run as follows:
>
> 1) What about fingerprints? We've tried that, but had problems with
> them in the past with greasy smudges on people's fingers proving
> difficult for the scanners to authenticate properly.
>
>
> 2) Voice recognition? Nope, too much background noise in these stores
> (and seeing as it's fairly constant and loud, often anyone gets in!)
>
>
> 3) Video recognnition? Is it good enough yet? Reasonably priced as
> well?
>
>
> So in a nutshell, what would you be thinking about?

Three words: Terms of employment.

You're attempting to throw a technology solution at a problem that is
better handled with an administrative control.

In short, train the managers that if they disclose their username/pass
to anyone, it's extremely serious, and they can be fired. Have them
recertify to this policy on a regular basis.

If they still don't comply, best to find out in the trenches why it's
so inconvenient for them to comply.

This may not work for your situation, but it's one avenue that
deserves some contemplation. 2 factor auth is somewhat expensive and
has downfalls as you cite.

--
Todd H.
http://www.toddh.net/

Re: Security Ideas for new App I"m Building?

I agree with you on the fact that it's human issue more than
technology issue, I was just hoping to augment the policy some with
good application design, as negligence is a factor in this as well
(writing passwords down, leaving applications open and unlocked,
etc...) but indeed it may have to be a human control involved, with
auditing to back this up...


On Jul 30, 3:26 pm, comph...@toddh.net (Todd H.) wrote:
> tekiegreg writes:
> > Hi there, I'm currently a developer hired out to a multi-unit
> > franchisee in the Fast Food industry. Currently I'm building an
> > application that will be deployed to all our stores. Each store will
> > be running an application that will be connecting to a central server
> > here at the home office. Logins of some sort will be needed for each
> > store manager, but how to login has been a problem. The main issue
> > has been that the store managers have had a nasty tendency in the
> > past
> > to share usernames/passwords with people in the store that they
> > shouldn't, compromising security. So a standard user/pass won't do
> > necessarily. Our thoughts have already run as follows:
>
> > 1) What about fingerprints? We've tried that, but had problems with
> > them in the past with greasy smudges on people's fingers proving
> > difficult for the scanners to authenticate properly.
>
> > 2) Voice recognition? Nope, too much background noise in these stores
> > (and seeing as it's fairly constant and loud, often anyone gets in!)
>
> > 3) Video recognnition? Is it good enough yet? Reasonably priced as
> > well?
>
> > So in a nutshell, what would you be thinking about?
>
> Three words: Terms of employment.
>
> You're attempting to throw a technology solution at a problem that is
> better handled with an administrative control.
>
> In short, train the managers that if they disclose their username/pass
> to anyone, it's extremely serious, and they can be fired. Have them
> recertify to this policy on a regular basis.
>
> If they still don't comply, best to find out in the trenches why it's
> so inconvenient for them to comply.
>
> This may not work for your situation, but it's one avenue that
> deserves some contemplation. 2 factor auth is somewhat expensive and
> has downfalls as you cite.
>
> --
> Todd H.http://www.toddh.net/- Hide quoted text -
>
> - Show quoted text -

Re: Security Ideas for new App I"m Building?

On Jul 30, 11:26 pm, comph...@toddh.net (Todd H.) wrote:
> tekiegreg writes:
> > Hi there, I'm currently a developer hired out to a multi-unit
> > franchisee in the Fast Food industry. Currently I'm building an
> > application that will be deployed to all our stores. Each store will
> > be running an application that will be connecting to a central server
> > here at the home office. Logins of some sort will be needed for each
> > store manager, but how to login has been a problem. The main issue
> > has been that the store managers have had a nasty tendency in the
> > past
> > to share usernames/passwords with people in the store that they
> > shouldn't, compromising security. So a standard user/pass won't do
> > necessarily. Our thoughts have already run as follows:
>
> > 1) What about fingerprints? We've tried that, but had problems with
> > them in the past with greasy smudges on people's fingers proving
> > difficult for the scanners to authenticate properly.
>
> > 2) Voice recognition? Nope, too much background noise in these stores
> > (and seeing as it's fairly constant and loud, often anyone gets in!)
>
> > 3) Video recognnition? Is it good enough yet? Reasonably priced as
> > well?
>
> > So in a nutshell, what would you be thinking about?
>
> Three words: Terms of employment.
>
> You're attempting to throw a technology solution at a problem that is
> better handled with an administrative control.
>
> In short, train the managers that if they disclose their username/pass
> to anyone, it's extremely serious, and they can be fired. Have them
> recertify to this policy on a regular basis.
>
> If they still don't comply, best to find out in the trenches why it's
> so inconvenient for them to comply.
>
> This may not work for your situation, but it's one avenue that
> deserves some contemplation. 2 factor auth is somewhat expensive and
> has downfalls as you cite.
>
> --
> Todd H.http://www.toddh.net/- Hide quoted text -
>
> - Show quoted text -

Yup. They sign a formal document that states they can be fired for
sharing log ons, and you enforce it.
Don't even *think* about voice or video recognition, this is such a
dumb idea.
I'd suggest you use smartcard authentication and have them wear their
smartcards attached to their ID badge.

Ric

Re: Security Ideas for new App I"m Building?

On 30 Jul 2007 17:26:57 -0500, Todd H. wrote:

>> 1) What about fingerprints? We've tried that, but had problems with
>> them in the past with greasy smudges on people's fingers proving
>> difficult for the scanners to authenticate properly.
>>
>> 2) Voice recognition? Nope, too much background noise in these stores
>> (and seeing as it's fairly constant and loud, often anyone gets in!)
>>
>> 3) Video recognnition? Is it good enough yet? Reasonably priced as
>> well?
>>
>> So in a nutshell, what would you be thinking about?
>
> Three words: Terms of employment.

Won't work unless you are ready to potentially sacrifice some good
employees. Even then, you have to consistently fire to keep the focus up
and then back it with even pressure from management. Then you have to
fire some of them too.

To the poster:

My bet is that your company has thought about this issue and is trying
to set the burden on the technologist. As Tom was implicating, they are
looking in the wrong direction. Nice to be the scapegoat, eh?

Let me tell you what has worked in the past. Long, complicated
passphrases.

%-S6&~l@pA**D+q~`8#.sPz)Q&/

Try giving that one out over and over. And asking those who aren't
required to memorize it to memorize it. :)

Drop me an email at REMOVEemailwillforwardATgmail.comMYPANTS, let's chat
about keyboard biometrics and a couple other things that I have seen
work well.
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/

Re: Security Ideas for new App I"m Building?

On Tue, 31 Jul 2007 02:48:40 -0700, ric wrote:

> Don't even *think* about voice or video recognition, this is such a
> dumb idea.

Why?
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/

Re: Security Ideas for new App I"m Building?

On Jul 31, 6:06 pm, Ari wrote:
> On Tue, 31 Jul 2007 02:48:40 -0700, ric wrote:
> > Don't even *think* about voice or video recognition, this is such a
> > dumb idea.
>
> Why?
> --
> "You can't trust code that you did not totally create yourself"
> Ken Thompson "Reflections on Trusting Trust"http://www.acm.org/classics/sep95/

Where do I start?
Consider why neither of these options are in widespread use.
Some points to start you off:
1) you'd need to securely rewrite MSGINA on windows to allow logon via
either option. How do you expect your video or audio recognition to
work before logon? Are you proposing to do it in hardware? If so,
which hardware did you have in mind? What is the cost of that
hardware? Is your solution going to be able to be remotely
administered so when a worker forgets their glasses or has a headcold
they can still login? Will it hook into AD, etc?
2) there are much simpler methods that demonstrably work. If you
can't deal with individual usernames/passwords then rely on a simple
physical token and password - e.g. a smartcard. these are easy to
integrate into your infrastructure.
3) why over complicate things? no-one is going to congratulate the OP
on their expensive, overly elaborate and fragile implementation of
something just because it's "cool".
4) In a burger-flipping environment, something that relies on voice
login in a noisy environment is a dumb idea. Logging in via a video
image in an environment where people regularly wear hair nets etc is
similarly dumb.
5) Whilst adding significant cost and complexity, both video and voice
login would have lower security: unless you can somehow avoid being
able to login with a recording of someone or a photograph.

I could go on, but this is such an obviously bad idea I don't think I
need to.

Ric

Re: Security Ideas for new App I"m Building?

On Wed, 01 Aug 2007 02:13:24 -0700, ric wrote:

> On Jul 31, 6:06 pm, Ari wrote:
>> On Tue, 31 Jul 2007 02:48:40 -0700, ric wrote:
>>> Don't even *think* about voice or video recognition, this is such a
>>> dumb idea.
>>
>> Why?
>> --

> Where do I start?
> Consider why neither of these options are in widespread use.

That means nothing. Btw, they are in widespread use non-civilian.

> Some points to start you off:
> 1) you'd need to securely rewrite MSGINA on windows to allow logon via
> either option.

Linux.

> How do you expect your video or audio recognition to
> work before logon?

On all the time. Logon is by recognition.

> Are you proposing to do it in hardware? If so,
> which hardware did you have in mind? What is the cost of that
> hardware?

No but if I was, firmware.

> Is your solution going to be able to be remotely
> administered so when a worker forgets their glasses or has a headcold
> they can still login? Will it hook into AD, etc?

Look, you can throw a 1,000 questions at *any* authentication
methodology, none of these are unique to A/VR.

> 2) there are much simpler methods that demonstrably work. If you
> can't deal with individual usernames/passwords then rely on a simple
> physical token and password - e.g. a smartcard. these are easy to
> integrate into your infrastructure.

???? You still have passwords.

> 3) why over complicate things? no-one is going to congratulate the OP
> on their expensive, overly elaborate and fragile implementation of
> something just because it's "cool".

It's only complicated to you.

> 4) In a burger-flipping environment, something that relies on voice
> login in a noisy environment is a dumb idea.

There are no controlled audio environments? When did you become a
burger-flipper construction expert?

> Logging in via a video
> image in an environment where people regularly wear hair nets etc is
> similarly dumb.

Take them off.

> 5) Whilst adding significant cost and complexity, both video and voice
> login would have lower security: unless you can somehow avoid being
> able to login with a recording of someone or a photograph.

You're just ranting withut a clue.

> I could go on, but this is such an obviously bad idea I don't think I
> need to.
>
> Ric

No, you don't need to, that's for sure.
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/

Re: Security Ideas for new App I"m Building?

tekiegreg wrote:
> Hi there, I'm currently a developer hired out to a multi-unit
> franchisee in the Fast Food industry. Currently I'm building an
> application that will be deployed to all our stores. Each store will
> be running an application that will be connecting to a central server
> here at the home office. Logins of some sort will be needed for each
> store manager, but how to login has been a problem. The main issue
> has been that the store managers have had a nasty tendency in the
> past
> to share usernames/passwords with people in the store that they
> shouldn't, compromising security. So a standard user/pass won't do
> necessarily. Our thoughts have already run as follows:
>
> 1) What about fingerprints? We've tried that, but had problems with
> them in the past with greasy smudges on people's fingers proving
> difficult for the scanners to authenticate properly.
>
>
> 2) Voice recognition? Nope, too much background noise in these stores
> (and seeing as it's fairly constant and loud, often anyone gets in!)
>
>
> 3) Video recognnition? Is it good enough yet? Reasonably priced as
> well?
>
>
> So in a nutshell, what would you be thinking about? I'll probably
> use
> Client Certificates to authenticate the computer, but granted only
> store managers are allowed in, we need to restrict to themselves
> only. Hoping for some ideas here, thanks!
>
OTP with hardware token , for instance RSA.

store manager is responsble for the token to be always on his body, like his ID or key.
like other people suggested, make the managers sign this new policy.

M