Physical Keys
Next: Passwords
Up: Identifying Users
Previous: Identifying Users
A physical key is an object whose characteristics are somehow
secret, and which is usually somewhat difficult to reproduce.
It could be:
- a piece of machined metal that unlocks the computer;
- a hardware device that attaches to an I/O channel (e.g., a serial
line with an RS-232 connector),
which can be interrogated by the system,
and which must be present to execute certain programs;
- a smart card, which is a credit-card-sized circuit
board which contains some form of non-volatile memory, and may
even have a CPU.
The risks of physical keys are familiar and obvious:
- keys can be forgotten, broken, lost, borrowed or lent;
- keys can be stolen, or copied (by a determined user);
- keys and compromised locks can be expensive to replace;
- it can be difficult or impossible
to automatically or remotely revise authorizations
associated with a particular physical key.
- physical keys must be physically managed, i.e., stored, logged,
kept secure, etc.
Often a physical key is used with a password or biometric check.
John Barkley
Fri Oct 7 16:17:21 EDT 1994