Bell Labs, the research division of Lucent Technologies Inc., announced two new tools aimed at strengthening user passwords, while at the same time making them easier to use, at the recent Usenix security conference in Boston.

The two tools, called Factotum and Secure Store, are designed to allow users to type in one password to authenticate them to the full range of services, Web sites and applications that they use, said Eric Grosse, director of the network computing research department at Bell Labs, which is based in Murray Hill, N.J. In order to perform these single sign-on tasks, a user must include all their username, password, certificate and encryption key information in the Secure Store program, Grosse said. Secure Store protects that information using AES (Advanced Encryption Standard), the U.S. government encryption standard. Secure Store resides on a network, where it can be accessed by the user, he added. The download is available at

Enosys unveils XML data access middleware

Enosys Software Inc. has released server software that creates an XML access layer over Web data and relational databases.

The software lets the corporate IT group set up a way for Web applications to make a single data request or query that can access several data sources. The Enosys software collects the responses, manipulates them if desired and displays the results in a single Web screen, or view. By using XML, and the W3C’s XML Query standard, the software could simplify the work of reading data from enterprise applications and combine that data with Web applications. The server users several mechanisms, including XML, and interfaces called translators to access data stored in XML or HTML files, enterprise applications and relational databases. The software can replace point-to-point, custom coding between numerous applications.