Command codes are specialized access codes used to access key command level functions. Such functions include most starship operations but more specifically allow personnel to access critical diagnostic, operational, and override functions of the main computer. All key functions are operated by command code.
Multifactor Authentication
Access to command functions is obtained through multifactor authentication schemes, these schemes utilize one or more of the following authentication parameters:
- Something You Know (i.e. access codes or username / password)
- Something You Have (i.e. physical access card or physical access key-fob)
- Something You Are (i.e. DNA, voice print, finger print, retinal scan, or other personally unique biometric data)
Access Cards / Fobs
In the case of a physical access card to key-fob, these require to be scanned by the computer or the short-lived alpha-numeric code for the device provided be input before access can be granted. When a key-fob produced a unique code, it lasts for 20 seconds, then it changed to a random or otherwise unpredictable code. Even if the proper access code or biometric data is given, if such a code or access is not available.
Combadge
A combadge provides multiple functions for the authentication process. For one, it can generate two forms of authentication. The device is equipped with a DNA scanner which, when attached close to the body (such as on clothes), is able to scan the wearers DNA and transmit verification data to the main computer. Secondly the device generates a 4096 bit authentication key every 20 seconds, this key is generated by the main computer as well. If the computers key and the combadge key both match, then this provides the same kind of authentication as key-fob.
Fourth Factor Authentication
Commands which require four factors of authentication require all three factors above and an additional biometric verification, usually voice print and DNA / retinal scan match before access is granted.
Command Levels
Command codes are given most often by rank, but specialized access may be given by someone of a given level, or above, overriding default access. Such instances are most often used with Non-Commissioned Officers who require specialized access but do not have specific rank. Usage of such access overrides is required to be audited but security personnel and reported on to the commanding officer or flag officer who originally granted the access. The table below indicates default access levels determined by rank.
Level | Granted To | Code Complexity | Authentication | Functions |
---|---|---|---|---|
Level 0 | Civilian | 6 Token Code | Single Factor | *Basic library computer access
|
Level 1 | Enlisted | 8 Token Code | Single Factor | * Secure access to BlueNet
|
Level 2 | Commissioned Officers | 8 Token Code | Two Factor | * Advanced diagnostic control
|
Level 3 | Department Heads | 8 Token Code | Two Factor | * Command functions
|
Level 4 | Executive Officer | 8 Token Code | Three Factor | * Override command functions
|
Level 5 | Commanding Officer | 8 Token Code | Three Factor | * Localize command functions
|
Level 6 | Temporal Operatives | 10 Token Code | Three Factor | * Authorize use of time travel
|
Level 7 | Flag Officers | 10 Token Code | Four Factor | * Access all mission data for any operation currently underway
|
Level 8 | Fleet Admiral | 10 Token Code | Four Factor | * Re-task temporal surveillance assets
|
In this case, a token is defined as a word from the Phonetic Alphabet table or a number.