[VOIPSEC] Identity Management and VoIP and More
Michael Slavitch
slavitch at gmail.com
Thu Jun 29 13:37:40 CDT 2006
And as has been discussed elsewhere fingerprint-based biometrics aren't
secure even against a gelatin-based attack:
http://www.schneier.com/crypto-gram-0205.html
On 6/29/06, Dustin D. Trammell <dtrammell at tippingpoint.com> wrote:
>
> On Wed, 2006-06-28 at 18:58 -0700, Mahesh Jethanandani wrote:
> > One way that I see the equipment and the person coming together is
> > through a biometric device. The person authenticates oneself to the
> > device under use - whether it is the physical phone or a PC running a
> > softphone. Once the identity has been established between the person and
> > the device under use, the same is used to transfer it in the call that
> > is made.
>
> But what happens when the user moves away from the device, such as the
> user leaving the office after authenticating to their wired desk phone
> or softphone running on their workstation? Time to marry that biometric
> authentication with some kind of proximity detection to automatically
> "log out" the user from the device if they are no longer around.
> Otherwise, anyone else could walk up to the phone and make a call as the
> original user.
>
> Just think of the potential human-tracking capabilities that arise from
> that combination of technologies...
>
> --
> Dustin D. Trammell
> VoIP Security Research
> TippingPoint, a division of 3Com
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
More information about the Voipsec
mailing list