ISO/IEC 29115 Entity Authentication Assurance

From IDESG Wiki
Jump to navigation Jump to search

Title: Entity Authentication Assurance


Version: 2013

Date: 2013-03-27


ISO/IEC 29115:2013 provides a framework for managing entity authentication assurance in a given context.


In particular, it:

  • specifies four levels of entity authentication assurance;
  • specifies criteria and guidelines for achieving each of the four levels of entity authentication assurance;
  • provides guidance for mapping other authentication assurance schemes to the four LoAs;
  • provides guidance for exchanging the results of authentication that are based on the four LoAs; and
  • provides guidance concerning controls that should be used to mitigate authentication threats.

Derived from NIST SP 800-63-2 which has been replaced in the US by version 3.