(keitai-l) Re: question on enterprise security

From: Renfield Kuroda <Renfield.Kuroda_at_msdw.com>
Date: 02/13/01
Message-ID: <3A88EF97.46ECA903@msdw.com> 
As far as MSDW RADAR, our wireless institutional financial portal, any unknown
network is by definition untrustable. Therefore we limit the type of data
available on untrusted networks.

A leased line from DoCoMo to your own firewall (avoiding the internet) is a good
security measure, as are strong passwords and strict (short-term) session
management.

However SSL and digital certs with 503 handsets seem to bring some hope for more
secure transactions.

r e n


Pete Saladino wrote:

> Does anyone have information on the best ways businesses are using imode
> devices to access some corporate information while ensuring proper levels of
> security?  With just a regular non-official site serving chtml, you can set
> up an SSL connection between DoCoMo and the web server......how secure is
> the remaining connection from DoCoMo to the handset over the air?  I thought
> this was discussed on this list and the consensus was that since the data
> sent from DoCoMo to the handset was via proprietary non-public standard,
> that this would be plenty secure.  Correct?  So its just basic SSL security
> from the web server?
>
> bottomline:  what is the best way to ensure security on non-official imode
> websites such that corporate information can be accessed?  Is accessing data
> of this nature even an established practice?  I thought that most of the
> banking apps, etc. were registered sites and therefore reading the phoneid
> and doing a match on that as well for added security.  Also, if all this is
> so good, then why are the new 503i's supposed to address "security concerns"
> via iAppli's?   Just a little confused by the conflicting stories.
>
> thanks!
>
> -p
>
> Pete Saladino
> Scientョ: Innovate - For What's Next.(tm)
> email: psaladino@scient.com
> mobile: +81 90.7710.2215
> visit us:  http://www.scient.co.jp
>
> [ Did you check the archives?   http://www.appelsiini.net/keitai-l/ ]

--
ascii: r e n f i e l d
octal: \162 \145 \156 \146 \151 \145 \154 \144
hex: \x72 \x65 \x6e \x66 \x69 \x65 \x6c  \x64
morgan stanley dean witter japan
e-business technologies | engineering and strategy



[ Did you check the archives?   http://www.appelsiini.net/keitai-l/ ]
Received on Tue Feb 13 10:18:24 2001