General framework of combined authentication on multiple identity service provider environments |
|
Recently, many application services, especially financial services, require more reliable or combined authentication methods such as multifactor authentication due to the increase in identity (ID) theft. For example, one-time password authentication and other new authentication methods are used instead of traditional password-based authentication.
The combinations of authentication methods provide multiple identity service providers (IdSPs) the ability to enhance the assurance of authentication. Recommendation ITU-T X.1154 provides the general framework of combined authentication in multiple IdSP environments for a service provider. In this Recommendation, three types of combined authentication methods are considered: multifactor authentication, multi-method authentication and multiple authentications.
The framework in this Recommendation describes models, basic operations and security requirements for each model component and each message between the model components to maintain an overall level of authentication assurance in situations of a combination of multiple IdSPs.
In addition, the framework also describes models, basic operations and security requirements to support the authentication service that manages a combination of multiple IdSPs.
|
|
Citation: |
https://handle.itu.int/11.1002/1000/11748 |
Series title: |
X series: Data networks, open system communications and security X.1100-X.1199: Secure applications and services (I) X.1150-X.1159: Application Security (I) |
Approval date: |
2013-04-26 |
Provisional name: | X.sap-4 |
Approval process: | TAP |
Status: |
In force |
Maintenance responsibility: |
ITU-T Study Group 17 |
Further details: |
Patent statement(s)
Development history
|
|
|
Ed. |
ITU-T Recommendation |
Status |
Summary |
Table of Contents |
Download |
1
|
X.1154 (04/2013)
|
In force
|
here
|
here
|
here
|
Title |
Approved on |
Download |
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|