People prove their identities everyday by showing the possession of access tokens. Using a key to open a lock may be the most common form. As one may access many locks, traditional master keys were designed to enable accessing multiple locks with a single key. Nevertheless, master keys are not widely used. Instead, people carry multiple access tokens for entity authentications, for example, keys, magnetic stripe cards, smart cards, RFID tags, and other tokens.
Traditional master keys are convenient. One does not need to carry many keys and memorize relationships between keys and locks. However, traditional master keys have fatal problems that are not suitable for everyone's daily usage. For example, the delegation of a master key equals delegating access to all locks that one has privilege to access. Revocation of a master key is costly because the locks that the master can open and the keys of other owners need to be replaced. In addition, if an intruder acquires a master key, then the intruder may open many locks. Moreover, locks that support master keys are vulnerable to the malicious insider who has a normal key.
The use of multiple access tokens does not have the fatal delegation and revocation problems as traditional master keys have because one token usually matches one lock. If a key-lock pair is compromised, it does not put other locks at risk. Issues of delegation and revocation are better addressed by replacing keys with modern access tokens, for instance, a hotel room key in the form of a magnetic stripe card or a smart card. With the encoding of privileges within a digital form, the delegation and revocation of the privileges are done on the computers at the front desks. Moreover, modern access tokens improve usability in a wide variety of applications, for example, unlocking a car using a remote control; accessing an enterprise facility using a smart card badge; entering a parking facility using a RFID gate card; opening a hotel room using a magnetic stripe card; or locking and unlocking a computer by wearing a token. Additional token designs are emerging as well as their applications. Nevertheless, the management of access tokens and memorizing the token-lock relationships become inconvenient and difficult as the number of tokens increases.
In pervasive computing environments, entity authentications might be ubiquitously necessary. There is a need for a way to achieve both the advantages of traditional master keys and multiple access tokens while avoiding their disadvantages. The teachings of the present disclosure fulfill this need.