Factotum Bridges Access Gaps

It may not prove to be a threat to unique ID schemes such as Microsoft Corp.'s Passport, but a new technology from Lucent Technologies Inc.'s Bell Labs could revolutionize how systems and applications are securely accessed and managed.

It may not prove to be a threat to unique ID schemes such as Microsoft Corp.s Passport, but a new technology from Lucent Technologies Inc.s Bell Labs could revolutionize how systems and applications are securely accessed and managed.

Bell Labs Factotum is essentially a more powerful, flexible and distributed implementation of SSH (Secure Shell). However, Factotum goes far beyond SSH in terms of how it handles encryption and the way it is handled by systems and applications.

Factotum can manage multiple keys, most encryption algorithms and several authentication methodologies. The keys for Factotum are kept in volatile memory and are designed to be pulled from a secure server store upon initialization. With traditional methods such as SSH, in contrast, keys are stored on the client—a less flexible and potentially less secure approach.

Factotum has a streamlined design and is thus easily integrated into almost any application. This will enable single sign-on and potentially eliminate the need for multiple security mechanisms.

Factotum has no mechanism for handling trust, so it wont replace ID management systems such as Passport or those built on the Liberty Alliance specification. However, it could be integrated as a component of these types of systems.

Bell Labs recently integrated Factotum into its Plan 9 operating system. Well most likely see implementations of Factotum outside of Plan 9 first in trusted operating systems and other security-oriented platforms that require very secure access mechanisms.

East Coast Technical Director Jim Rapoza can be reached at jim_rapoza @ziffdavis.com.