CAN/CSA-ISO/IEC 9798-1-02

Scope

This part of ISO/IEC 9798 specifies an authentication model and general requirements and constraints for entity authentication mechanisms which use security techniques. These mechanisms are used to corroborate that an entity is the one that is claimed. An entity to be authenticated proves its identity by showing its knowledge of a secret. The mechanisms are defined as exchanges of information between entities, and where required, exchanges with a trusted third party.

The details of the mechanisms and the contents of the authentication exchanges are not specified in this part of ISO/IEC 9798 but in the subsequent parts. Certain of the mechanisms specified in subsequent parts of ISO/IEC 9798 can be used to help provide nonrepudiation services, mechanisms for which are specified in ISO/IEC 13888. The provision of nonrepudiation services is beyond the scope of ISO/IEC 9798.