Cryptographic Token Interface Standard |
PKCS#11 |
A read/write session can be in one of three states, as illustrated in the following figure. When the session is opened, it is in either the "R/W Public Session" state (if the application has no previously open sessions that are logged in), the "R/W User Functions" state (if the application already has an open session that the normal user is logged into), or the "R/W SO Functions" state (if the application already has an open session that the SO is logged into).
The following table describes the session states:
Table 5, Read/Write Session States
State | Description |
R/W Public Session | The application has opened a read/write session. The application has read/write access to all public objects. |
R/W SO Functions | The Security Officer has been authenticated to the token. The application has read/write access only to public objects on the token, not to private objects. The SO can set the normal user's PIN. |
R/W User Functions | The normal user has been authenticated to the token. The application has read/write access to all objects. |