Nulägesanalys och verifiering av autentiseringsmetoder
En studie på ett konsultbolag i nätverksbranschen
This report is written for a consultant networking company with the purpose to review the development ofthe company's remote connections from a user friendly and security perspective.This includes an investigation of the possibilities to consolidate existing authentication methods foraccessing customers. The problem lies in the amount of methods being used. Through case study wefound that smart cards, SMS-service, software and hardware tokens exist.The only method feasible from a security perspective is smart cards. Since the method is not commonlyused by the company's customers a standardization of it would be counterproductive.Also, the purpose of this report is to investigate how the ongoing internal development of the remoteconnection will affect the company's clients. Within this framework we have also verified a designsuggestion.We interpret, after the completion of the case study, that the internal development of the remoteconnection is marginally affected by legal perspectives. Tests and interviews shows that all of thesolutions are user friendly, but not adequate from a security perspective. With respect to customers'demands we recommend that the company's internal network should be accessed with smart cards. Thisguarantees that only intended authentications are performed.