Difference between revisions of "Authenticator"
From MgmtWiki
(→Solution) |
(→Solution) |
||
| Line 10: | Line 10: | ||
==Solution== | ==Solution== | ||
* The page [[One-Time Password Authenticator]] has a description of one type of [[Authenticator]]. | * The page [[One-Time Password Authenticator]] has a description of one type of [[Authenticator]]. | ||
| − | * [https://w3c.github.io/webauthn/#authentication-assertion Web Authentication Authenticator]. | + | * [https://w3c.github.io/webauthn/#authentication-assertion Web Authentication Authenticator]. A cryptographic entity, existing in hardware or software, that can register a user with a given Relying Party and later assert possession of the registered public key credential, and optionally verify the user, when requested by the Relying Party. [[Authenticator]]s can report information regarding their type and security characteristics via attestation during registration. |
| + | |||
| + | A WebAuthn Authenticator could be a roaming authenticator, a dedicated hardware subsystem integrated into the client device, or a software component of the client or client device. | ||
[[Category:Glossary]] | [[Category:Glossary]] | ||
[[Category:Authentication]] | [[Category:Authentication]] | ||
[[Category:Trust]] | [[Category:Trust]] | ||
Revision as of 10:08, 20 July 2019
Contents
Full Title or Meme
Authenticators are devices in the user possession that can generate a one-time password.
Context
- Authenticators may be independent hardware devices, or may be software running on a User Device that contains a Trusted Execution Environment to hold user Credentials that are used to create claims for the user.
Problem
Give users a hand-held device that can generate secured claims for access to secure accounts.
Solution
- The page One-Time Password Authenticator has a description of one type of Authenticator.
- Web Authentication Authenticator. A cryptographic entity, existing in hardware or software, that can register a user with a given Relying Party and later assert possession of the registered public key credential, and optionally verify the user, when requested by the Relying Party. Authenticators can report information regarding their type and security characteristics via attestation during registration.
A WebAuthn Authenticator could be a roaming authenticator, a dedicated hardware subsystem integrated into the client device, or a software component of the client or client device.
