A New Taxonomy for Analyzing Smart Card-based Authentication Processes
As part of E-Government and security initiatives, smart cards are now being increasingly deployed as authentication tokens. The existing classification of authentication factors into What you Know, What You Have and What You Are- does not provide a good framework for characterizing the strength and robustness of authentication processes involved in smart card-based authentications. The purpose of this paper is to identify the entities involved in this type of authentication processes, study the threats to those processes in terms of these entities involved, and then determine the list of properties associated with these entities that need to be verified to detect exploitation of these threats. A new taxonomy called Smart Card-based Authentication Taxonomy (SBCA) has been developed by classifying the property verification approaches under three authentication classes. The authentication profiles specified in two well-known recent government smart card specifications have been analyzed using the taxonomy to determine the relative strengths and assurances provided by these profiles.
October 7-11, 2007
International Conference on Information Society (i-Society 2007)
A New Taxonomy for Analyzing Smart Card-based Authentication Processes, International Conference on Information Society (i-Society 2007), Merrillville, IN, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=51235
(Accessed June 5, 2023)