Coleman, Alberta (photo by V.A. McMillan)
I want to explore a concept of a symbiotic operating system and security system for laptops, desktops, tablets, and other portable devices used in a business or office environment that need to stay secure when the end-user is absent from their workstation, desk, or cubicle. The concept I will share I have named Gatekeeper & Keymaster. This idea was triggered yesterday while reading course material for the information security management course I am currently taking. Caveat – I am not a hardware or software designer, I am an “ideas guy”. Second, I am not aware of the system I am about to share already being in existence. If a similar system is already out there, I am not aware of it.
Gatekeeper & Keymaster
My original idea sketched out
The theory or operating principle is to create a symbiotic operating system that requires the Keymaster to be inserted into the Gatekeeper port. If the Keymaster is missing, ALL information on the device (desktop, laptop, notebook, tablet, smartphone) will be in the normal state = encrypted. This renders theft of the device useless if capturing confidential data or proprietary information is the objective of the theft.
Due to my limited grasp of available technology options, let us say that the Keymaster is a USB drive, and the Gatekeeper is a USB port. Maybe HDMI, or some other type of plug & play port, would be more appropriate? A tomorrow problem.
Since the concern is employees leaving a device logged in to the network system of a company or organization while being away from their workstation or desk, the need is for a simple and effective method to lock the device in the employee's absence and provide rapid opening of the device when the employee returns. The thought is that the Keymaster, being a physical key that needs to be attached to the device, establishes a physical connection between the employee and the device. To coach the required behaviour, I recommend attaching a pull strap (1" webbing x 5" long) to the Keymaster. Further, add a keyring to which the employee would attach their house key or car key and an RFID-proof pouch to carry a credit card. This method is based on the idea that an employee would never leave their credit card on their desk in plain view when they were away from their desk.
Now, when the employee returns, they plug in their Keymaster and the device closes the screensaver and returns to exactly the state the end-user had left it in. If this is a high security operation, the added step of plugging in the Keymaster & then typing a PIN or password could easily be added. Other methods of multi-part verification could be added, but that many redundancies would discourage, not encourage, compliance in a normal office work environment.
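
The plug-in, optional PIN, and pull-out behaviour described above, as an added sketch that is not part of the original post. It assumes the Keymaster carries a random secret and that the device keeps only a salt and a check value, so the data key exists only while the right Keymaster is present; the class and function names and the PBKDF2 key derivation are hypothetical choices, and the actual disk encryption is not shown.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this sketch


def derive_key(token_secret: bytes, pin: str, salt: bytes) -> bytes:
    """Data key depends on the Keymaster's secret and, optionally, a PIN."""
    return hashlib.pbkdf2_hmac("sha256", token_secret + pin.encode(), salt, ITERATIONS)


def check_value(key: bytes) -> bytes:
    """Tag that lets the device recognise the right key without storing it."""
    return hmac.new(key, b"gatekeeper-check", hashlib.sha256).digest()


class Gatekeeper:
    """Device side (hypothetical). Stores a salt and a check value, never the key."""

    def __init__(self, token_secret: bytes, pin: str = ""):
        # Enrollment: record only what is needed to recognise the Keymaster later.
        self.salt = secrets.token_bytes(16)
        self.check = check_value(derive_key(token_secret, pin, self.salt))
        self.data_key = None  # present in memory only while unlocked

    @property
    def locked(self) -> bool:
        return self.data_key is None

    def insert(self, token_secret: bytes, pin: str = "") -> bool:
        """Keymaster plugged in: unlock only if the derived key matches."""
        key = derive_key(token_secret, pin, self.salt)
        ok = hmac.compare_digest(check_value(key), self.check)
        self.data_key = key if ok else None
        return ok

    def remove(self) -> None:
        """Keymaster pulled out: drop the key, data is back to encrypted only."""
        self.data_key = None


def demo() -> list:
    keymaster = secrets.token_bytes(32)  # constructed secret on the employee's key
    stranger = secrets.token_bytes(32)   # constructed secret on some other USB key
    gate = Gatekeeper(keymaster, pin="4821")  # high security mode: key plus PIN
    results = [gate.locked]                         # starts locked
    results.append(gate.insert(stranger, "4821"))   # wrong key, right PIN
    results.append(gate.insert(keymaster, "0000"))  # right key, wrong PIN
    results.append(gate.insert(keymaster, "4821"))  # right key and PIN
    gate.remove()
    results.append(gate.locked)                     # locked again on removal
    return results
```

Because the device stores no copy of the Keymaster's secret, a stolen device on its own has nothing from which the data key can be rebuilt.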
So, the system would be a symbiotic system that requires both the Gatekeeper and the Keymaster to provide an operational environment that is not totally encrypted. To ease my security side, the relationship between the Gatekeeper port and Keymaster would be physical. I do not trust Wi-Fi or Bluetooth wireless connections for this type of symbiotic relationship. This is just a concept at the moment and requires serious investigation by folks who know what they are doing. Hopefully, sharing the concept will trigger someone who knows how to make this become reality.
Until next time…dream up new ideas!
Mountainman.