 |
 |
|
|
To confirm that you are whom you say you are and they are whom you think they are.
In the future, Signatures and Notary Public Seals/Stamps of approval will become digital and WILL become legally binding. I say WILL because we are not yet at that stage, but at some time in the near future, some Lawyer will find a way to make Digital Signatures leagally binding, but we must have a fool-proof non-repudation method activated prior to such law and that has yet to happen.
IPSec Specifications for User Authentication have yet to be completed. (Still many drafts without a final solution yet decided upon)
How to Authenticate
The person claiming to be whom he is must show/have/prove without a shadow of a doubt that he is whom he says he is.
Proving that you have a certain Private Key doesn't necessarily mean that you are that person. You may have stolen somebody elses Private Key and are trying to provide false identification. How can you prove that you are who you are is a multi-faceted problem with numerous ideas and proposals as to how to go about performing authentication, but each of them have at least one or more drawbacks and an impenetrable solution has yet to be found.
Biometrics: Fingerprint, Retena Scan, etc.
These are up and coming technologies which we've all watched on TV from James Bond 007 to Mission Impossible, etc. but they are available on the market today. They are also penetrable as well in their current infantcy.
スマートカード+暗証番号、その他のハードウェアを持つこと
確認する手段
チャレンジ及び答え
本人しか知らないこと
本人しか持っていない物(トークン・スマートカード・秘密鍵・指・目)
公証(ピギーバック出来ない方法)
公証はチャレンジ時のみではなく、常に認証可能な方式