mailing list archives
RE: Multi-Factor Authentication Concern
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 15 Aug 2007 12:11:40 -0700
The nuclear launch safeguard is NOT an example of "Multi-Factor
Authentication", but of "Segregation of Duties". (It's an unusual
case in that the segregation can apparently be completely symmetric
-- not usually the case in business! -- but that's not relevant to
Each launch operator is effectively both identified and
authenticated by their key. The security here is not robustness
of authentication (presumably physical access to the site is
considered sufficient...), but controlling against rogue internals
by requiring collusion.
It's the use of a different sort of control to mitigate against
a different kind of security threat.