Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rapid Authentication Systems?

Posted by Cliff on from the secure-yet-fast dept.

Barrington Johnson asks: "I am an emergency physician, and am looking for a solution for authentication which is compatible with rapid logons and logoffs. We have several web-based terminals into which we put information. The web application gives a real-time representation of the emergency department, so it is important that it is kept up to date. We have an opportunity to re-design our system, and I know that if I make the authentication process too difficult e.g. username+password, doctors will store up their data entry, and do it all in one go, removing the real-time usefulness of the display. At what level (application/browser/system) should authentication occur, and what method would be best?" Might a smartcard-based authentication system work well in this situation?

4 of 48 comments (clear)

  1. Here you go by wbav · · Score: 3, Informative

    A nice device, allows over-ride if you loose it, and instant unlock as need be.

    wireless lock

    --

    =================
    Unix is very user friendly, it's just picky about who its friends are.
  2. Re:SmartCards slow -- YMMV by zhiwenchong · · Score: 3, Informative

    This is interesting. 5 seconds? That's slow.

    Are these proximity-type cards? Can RF-based proximity-card readers be used with terminals?

    I use a proximity card to enter university buildings, and it takes less than 1 sec for the reader to read my card, find my record in the authorized personnel database, and unlock the door. Instantaneous.

    UID/pw usually takes more than 1 sec -- it depends on the length of UID and pw, and how fast the person can type.

  3. Re:Why authenticate? by BrynM · · Score: 2, Informative
    Why is authentication needed?
    One acronym my friend: HIPAA. The Federal and State governments would get a little mad at you and fine you lots of money... Then it's the patient's turn to raid your pocketbook.
    --
    US Democracy:The best person for the job (among These pre-selected choices...)
  4. Re:Why authenticate? by flink · · Score: 3, Informative

    I work for a medical software company. Due to HIPAA regulations, if we even have PHI on our PC, even if it's not being displayed, we have to lock the PC when we aren't there. All hard copies have to be locked up and disposed of in a secure container. We also have to be able to disclose to our customers and their patients who viewed what data when and for what purpose if demanded of us, so all access has to be authenticated.