Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Certificates Everywhere

By Steve Jones,

One of the things that I think has been most disappointing to me in technology over the last few decades is the lack of progress is managing security keys and certificates. There hasn't been a really good method designed that works well at scale for disparate organizations.

Recently at the DevConnections conference, I saw a talk where Mark Minasi talked about the future of tablets and smartphones, where he mentioned the idea that we will use many devices in the future that don't necessarily need to connect to the domain inside a company. They'll still authenticate, but with certificates.

That would be the ideal situation for me, a world where we individually have multiple certificates that identify us, and allow us to have secure communications, layers of security for different purposes, and a way to easily revoke, change, and add new certificates as needed. I'd be able to use easily manage certificates across devices to provide some level of authentication.

As we move to the deep intermixing of user and company devices, it does start to make sense that we consider using a more ad hoc authentication scheme that can be deployed in a more distributed fashion, rather than the monolithic, authenticate to the domain completely or not at all, scheme we have now.

I don't have a solution worked out, but I know there are some very smart security people out there and I'd hope that they are working on a variety of solutions that will increase the security we have, while allowing us lots of flexibility.

Steve Jones


The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 159 | Views in the last 30 days: 3
 
Related Articles
ARTICLE

Podcast Announcements

Podcast Feeds

FORUM

Managing security and Certificates

In which circumstances will one use certificates and how do you manage security scripts

BLOG

Security Questions: Authentication Performance

As I mentioned in the introductory post, during the Introduction to SQL Server Security session for ...

ARTICLE

Two Factor Authentication

SQL Server doesn't support two factor authentication, but Steve Jones thinks it might be a good idea...

FORUM

Podcast Problem

Podcast Problem Blocked by group policy

Tags
editorial    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones