SDK Resources > Posture Validation (NAC) > PVS Sample Design Information > Security Limitations of the PVS Sample

Security Limitations of the PVS Sample

The PVS sample demonstrates how a posture validation application is structured, but it is not intended as a fully featured production example. The implementation uses design approaches that are not secure enough for a production environment.

1.  Posture validation results and fields are ultimately stored in a local XML file. These include Certificate and signature verification in simple text valid/invalid fields. This approach could be subject to local attacks on the module depending on protections and permissions to the temporary XML file. This is much weaker than a PKI–based posture validation.

2.  The implementation does not validate the certificate in the posture (for example, by checking against a Certificate Revocation List). Instead, it always reports a certificate as valid.

3.  Client certificates are stored locally in an insecure folder, rather in a secure store.

Copyright © 2006-2013, Intel Corporation. All rights reserved.