Wednesday, February 21, 2007

Machine Identity

There have been quite a number of searches in the past 90 days about machine identity that have hit this blog looking for information. A lot of interest from the EU in particular, although I have not been able to pinpoint if it's because the usual ways of ID-ing machines (MAC and/or IP address) are not as absolute as they once were, if it's related to the privacy laws that are different in the EU than they are in the US, or if it is something else altogether.

What I do know is that a MAC address and/or an IP address are not as reliable in the forensic world as they once were. It used to be that law enforcement could get an affidavit by producing a MAC and/or IP address from a suspect and get a warrant right away. Things are different now: with the ability to spoof these two components of identity using easily available software, their reliability is in question and their irrefutability is not what it was.

Trusted Network Technologies has come up with a unique and patented way to ID a machine based on its hardware components and their associated serial numbers, and to embed that information in TCP packets. In short - it's the new irrefutable machine identity. Your company may have 5,000 Dell laptops, but each one has a unique hardware profile that, when captured and embedded into the packet, creates a unique identifier based on that build. Totally unique, totally provable. It's a logical badge for the network that complements the physical ones we're all familiar with.
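To make the idea concrete, here is an added illustration (my own sketch, not Trusted Network Technologies' patented method) of deriving a machine identifier from component serial numbers rather than from the MAC or IP address, and checking it at a gateway. The component inventories, the `SITE_KEY`, and the `tag_packet`/`verify_packet` helpers are all constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed sample inventories (not real serial numbers).
LAPTOP_A = {
    "mainboard": "MB-000123",
    "cpu": "CPU-7A1F",
    "disk": "DSK-99Q4",
    "nic": "NIC-5512",
}
# Same model as LAPTOP_A with one part swapped out.
LAPTOP_B = dict(LAPTOP_A, disk="DSK-00Z1")

# Hypothetical shared secret held by the endpoint agent and the gateway.
# Keying the digest means someone who merely observes packets cannot
# recompute a valid identifier for a machine they do not control.
SITE_KEY = b"example-site-key"


def machine_identity(inventory: dict, key: bytes = SITE_KEY) -> str:
    """Derive a fixed-length identifier from the hardware component serials.

    The inventory is canonicalised (sorted keys, no whitespace) so field order
    does not matter. MAC and IP addresses are deliberately not inputs, so
    spoofing them leaves the identifier unchanged, while swapping a tracked
    component produces a different identifier.
    """
    canonical = json.dumps(inventory, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()[:32]


def tag_packet(payload: bytes, inventory: dict) -> bytes:
    """Prepend the identifier to a payload, standing in for 'embedding it in the packet'."""
    return machine_identity(inventory).encode() + b"|" + payload


def verify_packet(packet: bytes, allowed_ids: set) -> bool:
    """Gateway-side check: admit only packets carrying a known machine identity."""
    ident, _, _ = packet.partition(b"|")
    return ident.decode() in allowed_ids
```

Real deployments would also need replay protection (a nonce or timestamp under the same key), since a bare identifier copied from one packet could otherwise be reused.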

Why this may emerge as the new identity attribute most important to companies, law enforcement, and others is that it provides a layer of privacy: you are your machine, not who you say you or your machine is. You can govern access control for those inside and outside your organization based on this attribute, then add user identity information to the mix and extend what you have.

With all of the talk about NAC and keeping unhealthy machines off the network, I believe it is crucial to establish that irrefutable identity of the machine, so that you know what that machine is, can quickly find out who is using it, and can decide whether or not to allow that user and/or their machine anywhere near your network. It's a nice way to keep things open and secure at the same time, whether you're human or hardware...
