Summary

Recommendation ITU-T X.1254 specifies three entity authentication assurance levels (AALs), and criteria for and threats to each of them.

Additionally, it:

•            establishes a framework for managing AALs;

•            provides guidance concerning control technologies that are to be used to mitigate authentication threats, based on a risk assessment;

•            provides guidance for mapping the three AALs to other authentication assurance schemas; and

•            provides guidance for exchanging the results of authentication that are based on the three AALs.