Published: October 10, 1989
Author(s)
Miles Smid (NIST), James Dray (NIST), Robert Warnar (NIST)
Conference
Name: 12th National Computer Security Conference (NCSC)
Dates: 10/10/1989 - 10/13/1989
Location: Baltimore, MD
Citation: Proceedings of the 12th National Computer Security Conference, pp. 232-253
This paper describes a Token Based Access Control System (TBACS) developed by the Security Technology Group of the National Institute of Standards and Technology (NIST). TBACS replaces traditional password based access control systems which have often failed to prevent logins by unauthorized parties. A user's access to network computers and resources is mediated by a smart token implementing a transparent cryptographic three-way handshake with the target computer. The token's onboard processor and memory are exploited to provide sophisticated security mechanisms in a portable device. In addition to access control, the TBACS token may be used for random number generation, cryptographic key generation, data encryption, data authentication, and secure data storage.
This paper describes a Token Based Access Control System (TBACS) developed by the Security Technology Group of the National Institute of Standards and Technology (NIST). TBACS replaces traditional password based access control systems which have often failed to prevent logins by unauthorized...
See full abstract
This paper describes a Token Based Access Control System (TBACS) developed by the Security Technology Group of the National Institute of Standards and Technology (NIST). TBACS replaces traditional password based access control systems which have often failed to prevent logins by unauthorized parties. A user's access to network computers and resources is mediated by a smart token implementing a transparent cryptographic three-way handshake with the target computer. The token's onboard processor and memory are exploited to provide sophisticated security mechanisms in a portable device. In addition to access control, the TBACS token may be used for random number generation, cryptographic key generation, data encryption, data authentication, and secure data storage.
Hide full abstract
Keywords
access control; computer security; networks; smart cards; smart tokens; tokens
Control Families
None selected