Security Basics mailing list archives
RE: Multi-Factor Authentication Concern
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 15 Aug 2007 12:11:40 -0700
The nuclear launch safeguard is NOT an example of "Multi-Factor Authentication", but of "Segregation of Duties". (It's an unusual case in that the segregation can apparently be completely symmetric -- not usually the case in business! -- but that's not relevant to this discussion.) Each launch operator is effectively both identified and authenticated by their key. The security here is not robustness of authentication (presumably physical access to the site is considered sufficient...), but controlling against rogue internals by requiring collusion. It's the use of a different sort of control to mitigate against a different kind of security threat. David Gillett
Current thread:
- RE: Multi-Factor Authentication Concern, (continued)
- RE: Multi-Factor Authentication Concern David Harley (Aug 15)
- RE: Multi-Factor Authentication Concern Devin Rambo (Aug 14)
- Re: Multi-Factor Authentication Concern Chad Perrin (Aug 15)
- Re: Multi-Factor Authentication Concern Roch (Aug 14)
- RE: Multi-Factor Authentication Concern Tony Reusser (Aug 15)
- RE: Multi-Factor Authentication Concern Uber Wannabe (Aug 15)
- RE: Multi-Factor Authentication Concern Mngadi, Simphiwe (SS) (Aug 16)
- RE: Multi-Factor Authentication Concern Mngadi, Simphiwe (SS) (Aug 15)
- Re: Multi-Factor Authentication Concern Mike Lococo (Aug 14)
- RE: Multi-Factor Authentication Concern Tep, Tom M. (CDC/CCHP/NCCDPHP) (Aug 15)
- RE: Multi-Factor Authentication Concern David Gillett (Aug 15)
- Re: Multi-Factor Authentication Concern Cristina & Fernando (Aug 15)
- Re: Multi-Factor Authentication Concern Ryan Chow (Aug 16)
- RE: Multi-Factor Authentication Concern Mngadi, Simphiwe (SS) (Aug 16)
- Re: Multi-Factor Authentication Concern Cristina & Fernando (Aug 16)
- RE: Multi-Factor Authentication Concern Mngadi, Simphiwe (SS) (Aug 16)
- Re: Multi-Factor Authentication Concern Cristina & Fernando (Aug 16)
- RE: Multi-Factor Authentication Concern Justin Ross (Aug 16)
- RE: Multi-Factor Authentication Concern Uber Wannabe (Aug 16)
- RE: Multi-Factor Authentication Concern Mngadi, Simphiwe (SS) (Aug 17)
- Re: Multi-Factor Authentication Concern Mark Boots (Aug 17)