Smart cards and mobile handheld devices: an overview and implementation
2 Angebote vergleichen
Bester Preis: € 17,86 (vom 25.06.2015)1
Symbolbild
Smart cards and mobile handheld devices: an overview and implementation (2005)
EN NWISBN: 9781234084240 bzw. 1234084244, in Englisch, neu.
Von Händler/Antiquariat, BuySomeBooks [52360437], Las Vegas, NV, U.S.A.
This item is printed on demand. Original publisher: Gaithersburg, Md. : U. S. Dept. of Commerce, National Institute of Standards and Technology, 2005 OCLC Number: (OCoLC)123903917 Subject: Smart cards. Excerpt: . . . card is registered with the PDA; the users public key certificate is retrieved from the card onto the PDA and verified using the root certificate of the issuing CA. User authentication follows the FIPS 196-compliant challenge response protocol described earlier. The handler verifies the signature using the users public key contained in the users public key certificate that was downloaded onto the PDA at registration. Protection For user authentication the fundamental threat is an attacker impersonating a user and gaining control of the device and its contents. Smart cards are designed to resist tampering and monitoring of the card, including sophisticated attacks that involve reverse engineering, fault injection, and signal leakage. Presuming those designs are effective, the following vulnerabilities are the main candidates for exploitation: The authentication mechanism can be bypassed Weak authentication algorithms and methods are used The implementation of a correct and effective authentication mechanism design is flawed The confidentiality and integrity of stored authentication information is not preserved The SMMC mechanism relies on MAF, which in turns relies on the security of the underlying operating system implementation. The handler is protected from being substituted or overwritten with another program through the multi-mode authentication and policy enforcement functionalities of MAF. Substitution is prevented through an entry in the list of registered handlers ( usr bin handlerSMMC 2 ) identifying its location, while overwrite is prevented using the following policy rule in the MAF policy file ( etc MAF defaultPolicy ) Jan03b , which also grants exclusive access to the file containing the certificate of the user maintained by th. . . This item ships from La Vergne,TN.
This item is printed on demand. Original publisher: Gaithersburg, Md. : U. S. Dept. of Commerce, National Institute of Standards and Technology, 2005 OCLC Number: (OCoLC)123903917 Subject: Smart cards. Excerpt: . . . card is registered with the PDA; the users public key certificate is retrieved from the card onto the PDA and verified using the root certificate of the issuing CA. User authentication follows the FIPS 196-compliant challenge response protocol described earlier. The handler verifies the signature using the users public key contained in the users public key certificate that was downloaded onto the PDA at registration. Protection For user authentication the fundamental threat is an attacker impersonating a user and gaining control of the device and its contents. Smart cards are designed to resist tampering and monitoring of the card, including sophisticated attacks that involve reverse engineering, fault injection, and signal leakage. Presuming those designs are effective, the following vulnerabilities are the main candidates for exploitation: The authentication mechanism can be bypassed Weak authentication algorithms and methods are used The implementation of a correct and effective authentication mechanism design is flawed The confidentiality and integrity of stored authentication information is not preserved The SMMC mechanism relies on MAF, which in turns relies on the security of the underlying operating system implementation. The handler is protected from being substituted or overwritten with another program through the multi-mode authentication and policy enforcement functionalities of MAF. Substitution is prevented through an entry in the list of registered handlers ( usr bin handlerSMMC 2 ) identifying its location, while overwrite is prevented using the following policy rule in the MAF policy file ( etc MAF defaultPolicy ) Jan03b , which also grants exclusive access to the file containing the certificate of the user maintained by th. . . This item ships from La Vergne,TN.
2
Oeuvres de Machiavel (2 )
EN NWISBN: 9781234084240 bzw. 1234084244, in Englisch, General Books LLC, General Books LLC, General Books LLC, neu.
Lieferung aus: Vereinigte Staaten von Amerika, zzgl. Versandkosten, Free Shipping on eligible orders over $25.
U.S. Government, Niccolo Machiavelli, Paperback, English-language edition, Pub by General Books LLC.
U.S. Government, Niccolo Machiavelli, Paperback, English-language edition, Pub by General Books LLC.
Lade…