Difference between revisions of "ISO/IEC 29115 Entity Authentication Assurance"

From IDESG Wiki
Jump to: navigation, search
(Created page with "'''Title''': Entity Authentication Assurance <br/> '''URL''': http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=45138 <br/> '''Version''': 201...")
 
(Abstract)
 
(4 intermediate revisions by 2 users not shown)
Line 18: Line 18:
  
 
In particular, it:
 
In particular, it:
 +
*specifies four [[Level of Assurance|levels of entity authentication assurance]];
 +
*specifies criteria and guidelines for achieving each of the four levels of entity authentication assurance;
 +
*provides guidance for mapping other authentication assurance schemes to the four LoAs;
 +
*provides guidance for exchanging the results of authentication that are based on the four LoAs; and
 +
*provides guidance concerning controls that should be used to mitigate authentication threats.
  
- specifies four levels of entity authentication assurance;
+
Derived from [[NIST SP 800-63-2]] which has been replaced in the US by version 3.
 
+
- specifies criteria and guidelines for achieving each of the four levels of entity authentication assurance;
+
 
+
- provides guidance for mapping other authentication assurance schemes to the four LoAs;
+
 
+
- provides guidance for exchanging the results of authentication that are based on the four LoAs; and
+
 
+
- provides guidance concerning controls that should be used to mitigate authentication threats.
+
 
+
 
+
  
 
[[Category:Standards]]
 
[[Category:Standards]]
 
[[Category:Bibliography]]
 
[[Category:Bibliography]]
 +
[[Category:Assurance]]
 +
[[Category:Authentication]]

Latest revision as of 00:28, 24 August 2020

Title: Entity Authentication Assurance


URL: http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=45138


Version: 2013


Date: 2013-03-27


Description

ISO/IEC 29115:2013 provides a framework for managing entity authentication assurance in a given context.

Abstract

In particular, it:

  • specifies four levels of entity authentication assurance;
  • specifies criteria and guidelines for achieving each of the four levels of entity authentication assurance;
  • provides guidance for mapping other authentication assurance schemes to the four LoAs;
  • provides guidance for exchanging the results of authentication that are based on the four LoAs; and
  • provides guidance concerning controls that should be used to mitigate authentication threats.

Derived from NIST SP 800-63-2 which has been replaced in the US by version 3.