Skip to main content

ISO/IEC 9798-6:2010

Current Date published:

Information technology — Security techniques — Entity authentication — Part 6: Mechanisms using manual data transfer

ISO/IEC 9798-6:2010 specifies eight entity authentication mechanisms based on manual data transfer between authenticating devices. Four of these mechanisms are improved versions of mechanisms specified in ISO/IEC 9798-6:2005 since they use less user input and achieve more security. Such mechanisms can be appropriate in a variety of circumstances where there is no need for an existing public key infrastructure, shared secret keys or passwords. One such application occurs in personal networks, where the owner of two personal devices capable of wireless communications wishes them to perform an entity authentication procedure as part of the process of preparing them for use in the network. These mechanisms can also be used to support key management functions.

ISO/IEC 9798-6:2010 specifies mechanisms in which entity authentication is achieved by

  • manually transferring short data strings from one device to the other, or
  • manually comparing short data strings output by the two devices.

In ISO/IEC 9798-6:2010, the meaning of the term entity authentication is different from the meaning applied in other parts of ISO/IEC 9798. Instead of one device verifying that the other device has a claimed identity (and vice versa), both devices in possession of a user verify that they correctly share a data string with the other device at the time of execution of the mechanism. This data string could contain identifiers (and/or public keys) for one or both of the devices.

Get this standard Prices exclude GST
PDF ( Single user document)
$217.08 NZD
HardCopy
$217.08 NZD
Networkable PDF
Price varies
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 35

Previous versions

Keep me up-to-date

Sign up to receive updates when there are changes to this standard

Related Information

Similar Standards

  • BS 10754-1:2018

    Information technology. Systems trustworthiness, Governance and management specification

  • BS 7799-3:2017

    Information security management systems, Guidelines for information security risk management

  • BS 8626:2020

    Design and operation of online user identification systems. Code of practice

  • BS EN 16495:2019

    Air Traffic Management. Information security for organisations supporting civil aviation operations

Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 35

Previous versions

ISO/IEC 9798-6:2010

Get this standard Prices exclude GST
PDF ( Single user document)
$217.08 NZD
HardCopy
$217.08 NZD
Networkable PDF
Price varies

Request to add this standard to your subscription

ISO/IEC 9798-6:2010

Price varies
Online library subscription

Click "Send request for subscription" to request for your Account Administrator to add this standard to your subscripiton.

Cancel