Published: June 21, 2010
Author(s)
Ramaswamy Chandramouli
Conference
Name: 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2010)
Dates: 06/21/2010 - 06/23/2010
Location: Rome, Italy
Citation: Data and Applications Security and Privacy XXIV, vol. 6166, pp. 343-349
Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe the development and application of a new methodology called SID-AAM (where the abbreviation stands for Smart Identity Token – Authentication Assurance Level Methodology) that identifies a new set of authentication factors appropriate for this technology, identifies all the security properties that need to be verified based on bindings between various entities involved in the authentication processes and then derives an authentication assurance level taxonomy based on the set of security properties verified in the various authentication modes specified in the deployment. An application of the SID-AAM methodology to a large scale real world smart identity token deployment is
Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe the development and application of a new...
See full abstract
Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe the development and application of a new methodology called SID-AAM (where the abbreviation stands for Smart Identity Token – Authentication Assurance Level Methodology) that identifies a new set of authentication factors appropriate for this technology, identifies all the security properties that need to be verified based on bindings between various entities involved in the authentication processes and then derives an authentication assurance level taxonomy based on the set of security properties verified in the various authentication modes specified in the deployment. An application of the SID-AAM methodology to a large scale real world smart identity token deployment is
Hide full abstract
Keywords
authentication assurance levels; smart identity tokens; taxonomies
Control Families
None selected