Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP

HP.com home


Technical Reports



» 

HP Labs

» Research
» News and events
» Technical reports
» About HP Labs
» Careers @ HP Labs
» Worldwide sites
» Downloads
Content starts here

 
Click here for full text: PDF

Sensor-Enhanced Authentication Token for Dynamic Identity Management

Smith, Mark; Hans, Mat

HPL-2004-226

Keyword(s): sensor; authentication; identity management; security communication protocol

Abstract: Identity management as a component in applications is increasing in importance. Many applications need to manage user identities in a dynamic way because threats or conditions under which the application is to be used can change rapidly. We describe a new system for dynamic identity management that can accommodate changes in authentication requirements based on context. Central to this new system is a user neutral, context aware token that is worn by a person seeking access to resources or assets. Such resources use intrinsic secure authentication points (SAPs) to communicate with the tokens. The token device stores information related to the wearer's security permissions including biometric data. This information is loaded during an initialization step after the token is attached to the person. At this time the person is authenticated, resulting in a system that does not permanently bind a token to a particular wearer: The token is equipped with a heterogeneous sensor set that provides continuous context data, including user attachment and proximity information. A unique feature of this system is the use of user attachment sensors that detect if the token has been removed from the wearer's possession, and return it to its neutral state. The proximity sensors allow a SAP to detect if the wearer is attempting to gain access to an asset. The token's data processing system has sufficient computing power to allow it to execute an elliptic curve based secure communication protocol over which all transactions with secure authentication points wirelessly take place. Using this token, we explore security in context aware and dynamic systems, and give details from a prototype system. The system has received considerable interest from healthcare providers, commercial aviation and military security sectors.

13 Pages

Back to Index

»Technical Reports

» 2009
» 2008
» 2007
» 2006
» 2005
» 2004
» 2003
» 2002
» 2001
» 2000
» 1990 - 1999

Heritage Technical Reports

» Compaq & DEC Technical Reports
» Tandem Technical Reports
Printable version
Privacy statement Using this site means you accept its terms Feedback to HP Labs
© 2009 Hewlett-Packard Development Company, L.P.