Difference between revisions of "Late Binding Token"

From MgmtWiki
Jump to: navigation, search
(Problems)
(Solutions)
Line 13: Line 13:
  
 
==Solutions==
 
==Solutions==
The exact form of the [[Late Binding Token]] is widely variable from [[Smart Cards]] to [[TPM]] buried inside of a [[Smart Phone]] or other computing device.
+
The exact form of the [[Late Binding Token]] is widely variable from [[Smart Card]]s to [[TPM]] buried inside of a [[Smart Phone]] or other computing device.
 
 
  
 
==References==
 
==References==

Revision as of 10:03, 22 July 2019

Full Title or Meme

A Security Token that can be bound to a Site after it has been shipped to theUser.

Context

There are two broad classifications of Late Binding Tokens.

  1. User held key fobs that have very limited functionality other than to carry a private key (aka user Credential and the ability to sign or decrypt hashes.
  2. User held mobile devices like Smart Phones that come with a built in Trusted Execution Environment that can perform the same function.

Problems

There are a few problems that need to be mitigated with Late Binding Tokens.

  1. The Relying Party must be assured that the device is legitimate and did create the message that was sent from the user to validate an interchange.
  2. The user would like to be able to use one token to secure message interchanges with more than one service so they don't get asked to carry multiple tokens.

Solutions

The exact form of the Late Binding Token is widely variable from Smart Cards to TPM buried inside of a Smart Phone or other computing device.

References