Difference between revisions of "Late Binding Token"
From MgmtWiki
(→Context) |
|||
Line 3: | Line 3: | ||
==Context== | ==Context== | ||
− | + | There are two broad classifications of [[Late Binding Token]]s. | |
+ | # User held key fobs that have very limited functionality other than to carry a private key (aka user [[Credential]] and the ability to sign or decrypt hashes. | ||
+ | # User held mobile devices like [[Smart Phone]]s that come with a built in [[Trusted Execution Environment]] that can perform the same function. | ||
==Problems== | ==Problems== |
Revision as of 10:58, 22 July 2019
Full Title or Meme
A Security Token that can be bound to a Site after it has been shipped to theUser.
Context
There are two broad classifications of Late Binding Tokens.
- User held key fobs that have very limited functionality other than to carry a private key (aka user Credential and the ability to sign or decrypt hashes.
- User held mobile devices like Smart Phones that come with a built in Trusted Execution Environment that can perform the same function.
Problems
Solutions
The exact form of the Late Binding Token is widely variable from Smart Cards to TPM buried inside of a Smart Phone or other computing device.