OATH, the Initiative for Open AuTHentication, said that it has completed the Symmetric Key Provisioning work that it had undertaken in collaboration with the Internet Engineering Task Force.
The working group has approved three standards that specify the necessary protocols and data formats to support transport and provisioning of symmetric keys and related meta-data as used in OATH authentication tokens, the group noted in a release.
These standards are designed to enable both offline and online provisioning scenarios; as well as both single and bulk provisioning scenarios:
-Portable Symmetric Key Container - RFC 6030
-CMS Symmetric Key Package Content Type - RFC 6031
-Dynamic Symmetric Key Provisioning Protocol - RFC 6063
These standards will enable provisioning of OATH OTP tokens dynamically into mass market consumer devices such as mobile phones, USB flash drives, desktops and fingerprint sensors. This will also obviate the need for consumers to carry a special purpose token for authentication to consumer or enterprise applications.
"This is an important milestone in improving usability, reducing cost and proliferating strong authentication widely to consumers," said Don Malloy, Chair of the OATH Marketing Working Group and Director of Business Development for NagraID Security.
"These standards will facilitate interoperability for provisioning both authentication tokens and validation systems across vendors, enabling enterprises to easily deploy strong authentication to large user bases without relying on components sourced from a single vendor," said Mingliang Pei, OATH Technical Committee Co-Chair and Technical Director at Symantec.
OATH will be exhibiting at the RSA Conference in San Francisco Feb. 14-18.
The Initiative for Open AuTHentication is a collaboration of device, platform and application companies, and end user customers of authentication technologies.
((Comments on this story may be sent to health@closeupmedia.com))
No comments:
Post a Comment