NIST logo

Publication Citation: A New Taxonomy for Analyzing Smart Card-based Authentication Processes

NIST Authors in Bold

Author(s): Ramaswamy Chandramouli;
Title: A New Taxonomy for Analyzing Smart Card-based Authentication Processes
Published: September 07, 2007
Abstract: As part of E-Government and security initiatives, smart cards are now being increasingly deployed as authentication tokens. The existing classification of authentication factors into What you Know, What You Have and What You Are- does not provide a good framework for characterizing the strength and robustness of authentication processes involved in smart card-based authentications. The purpose of this paper is to identify the entities involved in this type of authentication processes, study the threats to those processes in terms of these entities involved, and then determine the list of properties associated with these entities that need to be verified to detect exploitation of these threats. A new taxonomy called Smart Card-based Authentication Taxonomy (SBCA) has been developed by classifying the property verification approaches under three authentication classes. The authentication profiles specified in two well-known recent government smart card specifications have been analyzed using the taxonomy to determine the relative strengths and assurances provided by these profiles.
Conference: International Conference on Information Society (i-Society 2007)
Location: Merrillville, IN
Dates: October 7-11, 2007
Research Areas: Computer Security
PDF version: PDF Document Click here to retrieve PDF version of paper (77KB)