|
Work item:
|
X.1254 (ex X.eaa)
|
|
Subject/title:
|
Entity authentication assurance framework
|
|
Status:
|
Approved on 2012-09-07 [Issued from previous study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ISO/IEC JTC 1/SC 27, Liberty Alliance
|
|
Supporting members:
|
-
|
|
Summary:
|
This Recommendation defines four levels of entity authentication assurance (i.e., LoA 1 - LoA 4); and the criteria and threats for each of the four levels of entity authentication assurance. Additionally it:
o specifies a framework for managing the assurance levels;
o based on a risk assessment, provides guidance concerning control technologies that to be used to mitigate authentication threats to authentication;
o provides guidance for mapping the four levels of assurance to other authentication assurance schemas; and
o provides guidance for exchanging the results of authentication that are based on the four levels of assurance.
|
|
Comment:
|
Related text (neither common nor twin text)
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2008-05-09 10:38:46
|
|
Last update:
2012-10-26 14:10:43
|
