IEEE 1667:2006 pdf free download

IEEE 1667:2006 pdf free download.IEEE Standard Protocol for Authentication in Host Attachments of Transient Storage Devices.
9.2.1 Manufacturer Certificate (ASCm)
This certificate chain is defined by the device manufacturer and is built into each Authentication Silo. The certificate chain is signed by die manufacturer root certificate and is immutable. The fields in this certificate will be as defined in the X.509 Version I certificate definition. The ASCm certificate is based on the Authentication Silo’s ASKP. An ASCm will contain the unique silo globally unique identifier (GUID).
This certificate chain may exceed the general 2 KB size limit on certificates stored in the Certificate Store.
9.2.2 Provisioning Certificate (PCp)
This certificate is used to provision Authentication Silos. When an Authentication Silo is provisioned, the certificate is written to this location. Only a host that authenticates with PCp can clear PCp by initializing the silo. Any host that can authenticate using a certificate signed by PCp can change 1-ICh and ASCh.
9.2.3 Authentication Silo Certificate(s) (ASCh)
This certificate chain is used to authenticate the silo to a host. It is a certificate chain based on the ASKP and is signed by a root trusted by the host.
Each ASCIi certificate chain will be stored as indiidual certificates in the Certiticate Store. The host will be required to read all ASCh certificates and reassemble the certificate chains.
9.2.4 Host Certificate(s) (HCh)
One or more certificate(s) used to authenticate hosts. It is a self-signed root certificate. Any certificate descended from HUh may be used by the silo to authenticate the host.
The main certificate hierarchy is presented in Figure 2.
Host Certificates are validated only by the constraint that these certificates can only be added to the device after Administrative Authentication.
Each time authentication is required the following steps will be executed:
— The Authentication Silo will challenge the Host using the relevant ASUh certificate, if needed, for a specified Authentication Silo. (Authenticate Host command)
— If authentication is successful, the Authentication Silo will enter the Authenticated state.
— The host may authenticate the device before or after the device authenticates the host, but device authentication of the host may not he interleaved with the actions used to authenticate the host. (Challenge Authentication Silo command)