标准摘要
[中文适用范围]: ISO/IEC 9798 的这一部分指定了四种基于身份验证设备之间的手动数据传输的实体身份验证机制。 如附件 A 和 B 中所述,这些机制可用于支持关键管理功能;附件 C 提供了有关机制参数安全选择的指导。 此类机制可能适用于各种情况。 一种这样的应用发生在个人网络中,其中能够进行无线通信的两个个人设备的所有者希望它们执行实体认证过程,作为准备它们在网络中使用的过程的一部分。 [外文原描述]: ISO/IEC 9798-6:2005 specifies four entity authentication mechanisms based on manual data transfer between authenticating devices. Such mechanisms may be appropriate in a variety of circumstances. One such application occurs in Personal Area Networks, where the owner of two personal devices capable of wireless communications wishes them to perform an entity authentication procedure as part of the process of preparing them for use in the network. These mechanisms may also be used to support key management functions. ISO/IEC 9798-6:2005 specifies mechanisms in which entity authentication is achieved by manually transferring short data strings from one device to the other, ormanually comparing short data strings output by the two devices. In ISO/IEC 9798-6:2005, the meaning of the term entity authentication is different to the meaning applied in other parts of ISO/IEC 9798. Instead of one device verifying that the other device has a claimed identity (and vice versa), both devices in possession of a user verify that they correctly share a data string with the other device at the time of execution of the mechanism. Of course, this data string could contain identifiers for one or both of the devices.
英文名称Information technology - Security techniques - Entity authentication - Part 6: Mechanisms using manual data transfer