Lucent Offers Novel Authentication Tool
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Lucent Offers Novel Authentication Tool

Written By
Dennis Fisher
Dennis Fisher
Aug 7, 2002
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Researchers at Lucent Technologies Inc.s Bell Labs have developed a new authentication technology that experts say could greatly improve the security of enterprise networks.

The software comprises two pieces, known as Secure Store and Factotum, and is unique in that it doesnt store usernames and passwords on client machines. All user credentials are stored on the network, and users access them as needed via their PCs or other devices.

The software was originally written for Bell Labs own Plan 9 operating system, but researchers say they can port it easily to other platforms, including Windows, Solaris, Linux and Unix.

To set up the services, users type into Secure Store all of their various usernames and passwords for the Web sites that they frequent, such as online banking sites. This data is protected through the use of AES encryption and is then stored on the network.

To retrieve any of this data, users enter a password in the Factotum software, which runs on their client machines. Using a new protocol Bells Labs developed, called Password Authenticated Key Exchange, the software then retrieves the requested key from the network.

Once on the users machine, the keys are stored in RAM rather than on the hard drive and are deleted as soon as the machine is switched off.

“Bell Labs design recognizes rightly that identity and the authentication of identity are the heart and soul of security,” said David Nicol, professor of computer science at Dartmouth College in Hanover, N.H., and director of research and development at Dartmouths Institute for Security Technology Studies.

Bell Labs officials say they dont have any plans to sell the software at this point and are instead making it available for free. Enterprises could implement the technology as a single sign-on solution for all of the companys applications, suggested Eric Grosse, director of networked computing research at Bell Labs in Murray Hill, N.J.

“The main thing is, we have a scheme that doesnt require massive deployment,” Grosse said. “You could deploy it on the department level and move on incrementally from there.”

Grosse and some of his colleagues from Bell Labs and the Massachusetts Institute of Technology unveiled the new software during a talk Wednesday at the Usenix Security Symposium in San Francisco.

Related Stories:

  • The Problems With Identities
  • More Security Coverage
Dennis Fisher
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information