A Strong Three-Factor Authentication Device: Trusted DAVE and the New Generic Content-Based Information Security (CBIS) Architecture


  1. Savoie, J.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN)
This report has three objectives. The first objective is to provide a description/analysis of the Trusted DAVE activity performed by DRDC Ottawa and its contractors. The second is to describe different systems where the demonstrator produced under this activity could be used. The last is to analyse, study, and compare different types of network/system architectures. The activity involved the development of three elements: A secure design for a three-factor Trusted Device for Authentication and VErification (Trusted DAVE), a device demonstrator implementing some of those design elements, and an authentication and verification demonstration system that utilises the device demonstrator. The purpose of the device is to provide the user interface component to be used as a part of a strong Verification and Authentication (V&A) capability for systems used to process classified or sensitive data. Four possible systems that could use Trusted DAVE are presented. Two of them are related to the CBIS (Content-Based Information Security) concepts and one integrates CBIS and Kerberos. Finally, three architectures for network systems are presented with their advantages and their limitations. A Generic CBIS architecture covering the one specified in the US CBIS ACTD is defined and compared with the two others. The purpose of the Generic CBIS architecture is threefold: (1) provide an architecture for systems generalizing the US ACTD one, (2) illustrate the architecture’s fundamental aspects,

Il y a un résumé en français ici.

Report Number
DRDC-OTTAWA-TM-2004-198 — Technical Memorandum
Date of publication
01 Nov 2004
Number of Pages

Permanent link

Document 1 of 1

Date modified: