Identity Proofing: Difference between revisions
| Line 7: | Line 7: | ||
==Problem== | ==Problem== | ||
On the internet no one knows your are a dog without [[Identity Proofing]]. | *On the internet no one knows your are a dog without [[Identity Proofing]]. | ||
* NIST 800-63-3 (see below) has this description.<blockquote>Identity proofing establishes that a subject is who they claim to be. Digital authentication establishes that a subject attempting to access a digital service is in control of one or more valid authenticators associated with that subject’s digital identity. For services in which return visits are applicable, successfully authenticating provides reasonable risk-based assurances that the subject accessing the service today is the same as that which accessed the service previously. Digital identity presents a technical challenge because this process often involves proofing individuals over an open network, and always involves the authentication of individual subjects over an open network to access digital government services. The processes and technologies to establish and use digital identities offer multiple opportunities for impersonation and other attacks.<\blockquote> | |||
==Solutions== | ==Solutions== | ||
Revision as of 04:32, 18 November 2019
Full Title or Meme
The process of evaluating evidence of the Identifiers and Attributes that are associated with a human being.
Context
- Also see Identity Proofing Use Case
- Attestation is the term typically used for proofing organizations or software implementations.
Problem
- On the internet no one knows your are a dog without Identity Proofing.
- NIST 800-63-3 (see below) has this description.
Identity proofing establishes that a subject is who they claim to be. Digital authentication establishes that a subject attempting to access a digital service is in control of one or more valid authenticators associated with that subject’s digital identity. For services in which return visits are applicable, successfully authenticating provides reasonable risk-based assurances that the subject accessing the service today is the same as that which accessed the service previously. Digital identity presents a technical challenge because this process often involves proofing individuals over an open network, and always involves the authentication of individual subjects over an open network to access digital government services. The processes and technologies to establish and use digital identities offer multiple opportunities for impersonation and other attacks.<\blockquote>
Solutions
References
- New version of SP 800-63-3 with Assurance separated out from the Identifier or Federation Attributes.