Home Beyond Passwords: Xerox PARC Spin-Off Introduces Individual Device Authorization

Beyond Passwords: Xerox PARC Spin-Off Introduces Individual Device Authorization

We all know the problems inherent in passwords. Make your password requirements too simple, and passwords can be too easily cracked. Make them too difficult, and users will write their passwords down next to their computers. Not to mention users using the same password for everything. PowerCloud, a startup spun-off of Xerox’s noted Palo Alto Research Center, is pushing what it calls “usable security” – an approach to making reality converge with security. Its first project is a partnership with D-Link to improve wireless networking security.

One big problem for small and medium sized enterprises deploying wireless networks is managing encryption keys. Larger enterprises tend to use enterprise encryption methods like PEAP that integrate with Active Directory. Small and medium sized organizations tend to use pre-shared keys. The problem is that pre-sharing keys can result in many people knowing the key to a wireless network. Changing the WiFi key every time an employee leaves the organization would be a huge hassle for everyone involved.

PowerCloud and D-Link are planning to solve the problem with Individual Device Authorization (IDA). Individual devices will get a token to upload via a web browser to the wireless access point. That device would then be authorized to use that wireless network until the token is revoked. Tokens can be revoked in the event that a device is lost or stolen or an employee leaves an organization.

Eventually PowerCloud wants to apply this technology to other types of network resources, including network attached storage, databases and VPN connections, could work the same way. PowerCloud is working on a browser-based access control console that it hopes will make access control easier for IT.

For the time being, passwords will still be required for device or domain authentication. Getting rid of passwords entirely isn’t feasible, but PowerCloud is showing the way towards less dependency on problematic authentication methods. We look forward to seeing more innovation in this area.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.