|
Supplemental Access Control
Supplemental access control (SAC) is a set of security features defined by ICAO for protecting data contained in electronic travel documents (e.g. Biometric passport, electronic passports). SAC specifies the ''Password Authenticated Connection Establishment'' (PACE) protocol, which itself supplements and improves upon the Basic Access Control (BAC) protocol also established by ICAO. PACE, like BAC, prevents two types of attacks: * Skimming (online attack that consists in reading the RFID chip without physical access to the document and without the holder's approval). Prior to reading the chip, the inspection system needs to know some data that is printed on the document (e.g. the MRZ) or a key that is known only to the holder (personal identification number (PIN)), which means he has willingly handed the document for inspection. While BAC works only with the MRZ, PACE allows using card access numbers (short keys printed on the document) and PINs. * Eavesdropping (offline attack that ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ICAO
The International Civil Aviation Organization (ICAO ) is a specialized agency of the United Nations that coordinates the principles and techniques of international air navigation, and fosters the planning and development of international scheduled air transport, air transport to ensure safe and orderly growth. The ICAO headquarters are located in the Quartier international de Montréal of Montreal, Quebec, Canada. The ICAO Council adopts standards and recommended practices concerning air navigation, its infrastructure, flight inspection, prevention of unlawful interference, and facilitation of border-crossing procedures for international civil aviation. ICAO defines the protocols for Aviation accidents and incidents, air accident investigation that are followed by :Organizations investigating aviation accidents and incidents, transport safety authorities in countries signatory to the Convention on International Civil Aviation. The Air Navigation Commission (ANC) is the techn ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Biometric Passport
A biometric passport (also known as an electronic passport, e-passport or a digital passport) is a passport that has an embedded electronic microprocessor chip, which contains biometrics, biometric information that can be used to authenticate the identity of the passport holder. It uses contactless smart card technology, including a microprocessor chip (computer chip) and antenna (for both power to the chip and communication) embedded in the front or back cover, or centre page, of the passport. The passport's critical information is printed on the data page of the passport, repeated on the Machine-readable passport, machine readable lines and stored in the chip. Public key infrastructure (PKI) is used to authenticate the data stored electronically in the passport chip, making it expensive and difficult to forge when all security mechanisms are fully and correctly implemented. Most countries are issuing biometric passports to their citizens. Malaysia was the first country to iss ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Basic Access Control
Basic access control (BAC) is a mechanism specified to ensure only authorized parties can wirelessly read personal information from passports with an RFID chip. It uses data such as the passport number, date of birth and expiration date to negotiate a session key. This key can then be used to encrypt the communication between the passport's chip and a reading device. This mechanism is intended to ensure that the owner of a passport can decide who can read the electronic contents of the passport. This mechanism was first introduced into the German passport on 1 November 2005 and is now also used in many other countries (e.g., United States passports since August 2007). Inner workings The data used to encrypt the BAC communication can be read electronically from the bottom of the passport called the machine readable zone. Because physical access to the passport is assumed to be needed to know this part of the passport it is assumed that the owner of the passport has given permissio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
RFID
Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder called a tag, a radio receiver, and a transmitter. When triggered by an electromagnetic interrogation pulse from a nearby RFID reader device, the tag transmits digital data, usually an identifying inventory number, back to the reader. This number can be used to track inventory goods. Passive tags are powered by energy from the RFID reader's interrogating radio waves. Active tags are powered by a battery and thus can be read at a greater range from the RFID reader, up to hundreds of meters. Unlike a barcode, the tag does not need to be within the line of sight of the reader, so it may be embedded in the tracked object. RFID is one method of automatic identification and data capture (AIDC). RFID tags are used in many industries. For example, an RFID tag attached to an automobile during product ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Personal Identification Number
A personal identification number (PIN; sometimes RAS syndrome, redundantly a PIN code or PIN number) is a numeric (sometimes alpha-numeric) passcode used in the process of authenticating a user accessing a system. The PIN has been the key to facilitating the private data exchange between different data-processing centers in computer networks for financial institutions, governments, and enterprises. PINs may be used to authenticate banking systems with cardholders, governments with citizens, enterprises with employees, and computers with users, among other uses. In common usage, PINs are used in ATM or PO transactions, secure access control (e.g. computer access, door access, car access), internet transactions, or to log into a restricted website. History The PIN originated with the introduction of the automated teller machine (ATM) in 1967, as an efficient way for banks to dispense cash to their customers. The first ATM system was that of Barclays in London, in 1967; it accepted ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Access Control
In physical security and information security, access control (AC) is the action of deciding whether a subject should be granted or denied access to an object (for example, a place or a resource). The act of ''accessing'' may mean consuming, entering, or using. It is often used interchangeably with authorization, although the authorization may be granted well in advance of the access control decision. Access control on digital platforms is also termed admission control. The protection of external databases is essential to preserve digital security. Access control is considered to be a significant aspect of privacy that should be further studied. Access control policy (also access policy) is part of an organization’s security policy. In order to verify the access control policy, organizations use an access control model. General security policies require designing or selecting appropriate security controls to satisfy an organization's risk appetite - access policies ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
