Check out the new USENIX Web site.

Handling Passwords with Security and Reliability in Background Processes


Don Libes
National Institute of Standards and Technology

Abstract

Traditionally, background automation of interactive processes meant giving up security and reliability. With the advent of software such as Expect for controlling interactive processes, it has become possible to improve reliability and security with relative ease. This paper reviews the reliability aspects but focuses primarily on the security aspects, presenting several non-obvious techniques for dealing with passwords and other sensitive information in background processes. These techniques require no changes to existing programs and no new security systems are necessary. With the appropriate tools and examples, these techniques can be applied with surprisingly little effort to a wide variety of problems.


Download the full text of this paper in ASCII (33,908 bytes) and POSTSCRIPT (131,464 bytes) form.

To Become a USENIX Member, please see our Membership Information.