ISO/IEC INTERNATIONAL STANDARD 10181-2 First edition 1996-05-15 Information technology Open Systems Interconnection --- Security frameworks for open systems: Authentication framework Technologies de I'information -- Interconnexion de systemes ouverts: Cadregenerald'authentification IEC ISO Reference number ISO/IEC 10181-2:1996(E) Copyright Intermational Organization for Standardization rmitted without license from IHS Not for Resale ISO/IEC 10181-2:1996(E) CONTENTS Page Scope... 1 2 Normative references .... 2 2.1 IdenticalRecommendationsIInternationalStandards 2 2.2 Paired Recommendations I International Standards equivalent in technical content .... 2 2.3 Additional references.... 2 3 Definitions. 2 4 Abbreviations. 4 5 General discussion of authentication... 4 5.1 Basic concepts of authentication .... 4 5.2 Aspects of authentication service.... 6 5.3 Principles used in authentication.... 8 5.4 Phases of authentication... 8 5.5 Trusted Third Party Involvement... 9 5.6 Types of principal ... 12 5.7 Human user authentication.. 13 5.8 Types of attack on authentication ... 13 6 Authentication information and facilities.. 15 6.1 Authentication information... 15 6.2 18 :1 Characteristics of authentication mechanisms... 22 7.1 Symmetry/Asymmetry... 22 7.2 Use of cryptographic/Non-cryptographic techniques 23 7.3 23 8 Authentication mechanisms .. 23 8.1 Classification by vulnerabilities... 23 8.2 Initiation of transfer ... 29 8.3 Use of authentication certificates ... 29 8.4 Mutual authentication ... 29 8.5 Summary of class characteristics . 30 8.6 Classification by configuration 30 9 Interactions with other security services/mechanisms 33 9.1 Access control. 33 9.2 Data integrity 33 9.3 Data confidentiality.. 34 9.4 Non-repudiation. 34 9.5 Audit 34 @ISO/IEC1996 All rights reserved.Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher. ISO/IEC Copyright Office · Case postale 56 · CH-1211 Geneve 20 · Switzerland Printed in Switzerland Copyright Intermational Organization for Standardization orking permitted without license from IHS Not for Resale ISO/IEC 10181-2:1996(E) @ ISO/IEC Annex A -- Human user authentication... 35 Annex B -- Authentication in the OsI Model .. 37 Annex C- Countering replay using unique numbers or challenges 38 Annex D - Protection against some forms of attack on authentication.. 39 Annex E - Bibliography.... 42 Annex F -- Some specific examples of authentication mechanisms .. 43 Annex G Authentication facilities outine ......... 46 Copyright Intermational Organization for Standardization iii Provided by IHS unc cense with IS g permitted without license from IHS Not for Resale