|
An e-Token - What is it?
An e-Token, pictured above, is a USB security token that
provides individuals with an extremely-secure, digital credential
for conducting trusted activities via the global Internet.
The person to whom the credential has been assigned uses
the token to identify his or herself to relying parties
- by inserting the token into the USB port of a computer
and,
- when prompted, entering an activation password known only
to the credentialed individual.
Why an e-Token is Extremely Secure
- Only the "owner" should ever know the activation password.
- The activation password is never transmitted over a network.
- Private/public keys required for digital IDs are generated only
on the token.
- Private keys generated on the token never leave the token.
- To use digital credentials contained in a token, an individual must
both have the token and know its activation password - hence the phrase
"two-factor" authentication.
- If the token is lost and someone tries to use it, the token becomes
deactivated after only a few failed attempts to enter a password.
- Before a deactivated token can be re-used as a credential, it must
be re-formatted, assigned anew to an identified individual, and triggered
to generate new keys.
Last Modified:
Academic
Technology
Copyright © 2005The
University of Texas Health Science Center at Houston
|
