Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach

  • Ramaswamy Chandramouli
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6166)


Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe the development and application of a new methodology called SID-AAM (where the abbreviation stands for Smart Identity Token - Authentication Assurance Level Methodology) that identifies a new set of authentication factors appropriate for this technology, identifies all the security properties that need to be verified based on bindings between various entities involved in the authentication processes and then derives an authentication assurance level taxonomy based on the set of security properties verified in the various authentication modes specified in the deployment. The advantages of SID-AAM methodology compared to current approaches for determining authentication assurance levels for smart identity token deployments are highlighted.


  1. 1.
    Securing e-business applications using Smart Cards. IBM Systems Journal 40(3) (2001),
  2. 2.
    Kumar, M.: New Remote User Authentication Scheme Using Smart Cards. IEEE Transactions on Consumer Electronics 50(2), 597–600 (2004)CrossRefGoogle Scholar
  3. 3.
    FIPS 201 - Personal Identity Verification of Federal Employees and Contractors,
  4. 4.
    TWIC Reader Hardware And Card Application Specification, May 30 (2008),

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Ramaswamy Chandramouli
    • 1
  1. 1.National Institute of Standards and TechnologyGaithersburgUSA

Personalised recommendations