FOR: Provides simple, token-based authentication that will, when correctly employed, secure data from local or network misuse virtually seamlessly. It is compatible with Novell Netware.

AGAINST: SecuriKey works only under Windows 2000 and Windows XP. Dual-boot systems and similar non-standard configurations permit complete bypassing of the SecuriKey system. There are many other pitfalls that require careful consideration at installation time and thereafter.

VERDICT: Simple in its design, SecuriKey can be a trusted tool to provide hardware and software authentication through user profiles managed centrally across an enterprise.

SecuriKey is a new product that aims to provide easily managed yet secure authentication (that is, authorized access to hardware, data and software) under the aegis of Windows 2000 or Windows XP. It is important to note, though, that incomplete attention to detail when installing the system can compromise security, and that lackadaisical implementation can completely subvert all intentions to secure data. [Ed note: This could apply to many solutions where configuration has not been accomplished in the correct manner.]

It works hand in glove with the Windows system start-up, permitting the user to continue at a workstation only if an authentication test is passed. The user must have a simple key-like device plugged into a USB port at start-up, and the access password supplied to Windows must match it. This perfectly sound idea requires a central administration manager to maintain a database of authorized users, linking their passwords to their keys, so that Windows will not even open for a user who does not plug the appropriate key into an available USB port. Unfortunately it is quite easy to get into a muddle with effective installation and deployment of the package, primarily because it is so tightly bound to the Windows start-up procedure itself.
For example, any change in the USB configuration can leave users locked out because their key is not recognized at the usual port. Furthermore, because the SecuriKey system is designed for Windows 2000 and XP, dual-boot systems present a problem. If it is possible to boot with Windows NT, for example, SecuriKey is unavailable and cannot prevent use of the data on disk. An alternative approach is to use an encryption strategy for vulnerable data - but if that is to be the final line of defense, you may well ask why you would want to use authentication anyway.

Things can go badly wrong if somebody elects to change the name of a particular computer: access to data and other resources will continue unabated while that PC is on, attached to the network, and the USB key is present, but access will be denied even to the administrator the next time the computer boots, because no profile exists in the administration manager's database that matches the new name. New profiles should be generated in advance, carefully. [Ed note: Griffin Technologies says that renaming a computer is only a problem if the user is using local (non-domain) accounts. Networked login is therefore unaffected.]

Another limitation is that a Safe Mode start-up does not load the SecuriKey logon client - so a knowledgeable unauthorized user can again subvert the authentication scheme. To cover this case Griffin Technology provides an optional Safe Mode Blocker (which must be custom-installed), but of course the removal of access to Safe Mode will be considered unacceptable by many users. It would seem that if the Safe Mode Blocker is installed, the SecuriKey logon client can be removed only by administrative access, gained through the network, to alter the station's registry.

The use of a USB-compatible key is simple and very effective: it can be used as a key-chain ornament, or secured on a string around the neck, always personally available.
However, even here there are considerations that have to be taken into account when SecuriKey is to be implemented: Windows recognizes each USB port as a unique device, and so the appropriate software driver must be installed for each port at which the key may be used - now and in the future. The installation process itself for SecuriKey requires the presence and recognition of a key in a USB port.

The accustomed way of deploying SecuriKey is through an enterprise - the administration program in one location on the network, and client log-in modules on each secured workstation. Users are attached to the enterprise by booting their workstation PCs while their USB key is plugged into a port. Each password (which can be the Windows password itself) is checked against the USB key, so that there are two factors that authenticate access to data on the system. If users leave their workstation at any time, removing the USB key effectively locks the station so that it cannot be used by an unauthorized party to glean information locally or on the network.

If the limitations are noted and precautions taken to prevent the Windows operating system being overridden, SecuriKey offers an effective way to ensure that stations within an enterprise - and all the sensitive data within reach - are safe. When operations are normal this is all very good, but circumstances can create large headaches if the systems administrator is not totally aware of the complexities that can arise. SecuriKey can be used to protect unattached stations, and can be used to secure sensitive information on a laptop, so that hardware loss or theft does not compromise the data. The success or failure of each authentication challenge is recorded in the system event log.

Authentication client software under Windows often appears as a graphical identification and authentication (GINA) dynamic-link library. Such a GINA DLL is executed first during start-up, and third-party software creators have studiously endeavored to ensure that their GINA DLL will co-operate with others. In this instance, SecuriKey has been tested and found compatible with Novell Netware, linking successfully to its client.

A small handbook is available for the SecuriKey Authentication System. It provides little detail but highlights most of the configuration problems and security considerations. However, the complete documentation may be found on the CD-ROM in the form of an HTML help file.
SC On-Line
Copyright © West Coast Publishing. All rights reserved.