
CoreStreet's Real Time Credentials Validation Authority: Page 2 of 2

Good
• Better performance
• Better ability to protect the VA from attack
• Use of attributes in OCSP responses lets administrators assign roles to users.
Bad
• Integration with existing CAs/directories could be more developed.
• Group- or role-based definition for user attributes could be easier.
• RTCVA has to be launched manually through a command prompt. It should be a self-starting service.

Real Time Credentials Validation Authority (RTCVA) starts at under $35,000. Real Time Credentials Foundation (RTCF) pricing is via custom quote. CoreStreet Ltd., 617-718-0082, www.corestreet.com

The reader can also write proofs to users' cards. So when users first enter the building, they should have to pass through a network-attached reader, which will automatically update users' cards with a current proof. Then they can pass through any non-networked reader. More importantly, the revocation proofs, or reader policies, of other users can be written to any user's card for automatic redistribution to any non-network-attached reader because the revocation proof can be read off the card and stored for later use. Likewise, reader log files can be collected from non-network-attached readers. The obvious weakness in this system is that users need to swipe their cards through a connected reader to get their updated proofs. You should take extra care when deciding where to place network-attached card readers--often used, easily accessed readers are critical for a successful system.
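The card-carried proof flow described above, as an added sketch that is not CoreStreet's code: it shows a non-networked reader accepting only a current proof and learning another user's revocation from whichever card brings it. Assumptions: a hash-chain proof format (the review does not describe RTCVA's actual proof encoding), one proof per day, readers provisioned with each credential's public anchors, and the hypothetical names `Authority` and `OfflineReader`.

```python
import hashlib

PERIODS = 365  # assumed: one validity token per day for a year

def h(data: bytes, times: int = 1) -> bytes:
    """Apply SHA-256 `times` times."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

class Authority:
    """Off-line issuer (hypothetical): the only party holding per-user secrets."""
    def __init__(self):
        self.secrets, self.revoked = {}, set()

    def enroll(self, user, valid_seed: bytes, revoke_seed: bytes):
        self.secrets[user] = (valid_seed, revoke_seed)
        # Public anchors; readers are provisioned with these, never the seeds.
        return user, (h(valid_seed, PERIODS), h(revoke_seed))

    def proofs_for(self, user, day):
        """What a network-attached reader writes to `user`'s card on `day`."""
        own = None if user in self.revoked else h(self.secrets[user][0], PERIODS - day)
        carried = {u: self.secrets[u][1] for u in self.revoked}
        return {"user": user, "day": day, "proof": own, "carried": carried}

class OfflineReader:
    """Non-networked reader: knows only public anchors and what cards bring it."""
    def __init__(self, anchors):
        self.anchors, self.revoked = dict(anchors), set()

    def swipe(self, card, today) -> bool:
        # Store revocations carried on this card, verifying each against its anchor.
        for user, token in card["carried"].items():
            if user in self.anchors and h(token) == self.anchors[user][1]:
                self.revoked.add(user)
        user = card["user"]
        if user not in self.anchors or user in self.revoked or card["proof"] is None:
            return False
        # The proof must be for today and hash forward to the enrolled anchor,
        # so a stale proof fails even if the card lies about its day.
        return card["day"] == today and h(card["proof"], today) == self.anchors[user][0]
```

Until some card that has visited a network-attached reader is swiped at a given offline reader, that reader keeps honouring a revoked user's still-current proof, which is why reader placement matters.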

RTCVA is a useful product for certificate validation. The performance gains from pre-generating OCSP responses and the reduced exposure that comes from keeping the signing RTCVA off-line are compelling to any organization using digital certificates. The physical security validation is a practical and unique use of validation that augments existing physical security measures.

Mike Fratto is a senior technology editor based in Network Computing's Syracuse University Real-World Labs®; he covers all security-related topics. Prior to joining this magazine, Mike worked as an independent consultant in central New York. Write to him at [email protected].
