| Author(s): |
Shirley M. Radack; |
| Title: |
Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of their Information Systems |
| Published: |
December 22, 2011 |
| Abstract: |
This bulletin summarizes the information presented in NIST Special Publication (SP) 800-63-1, Electronic Authentication Guideline. This revised guideline, which supersedes an earlier guideline, NIST SP 800-63, updates information about, and recommendations for the secure implementation of electronic authentication methods, reflecting changing technology and current uses of e-authentication techniques. SP 800-63-1 provides technical guidelines to assist agencies in authenticating individuals remotely accessing Federal information technology (IT) systems. The bulletin covers Office of Management and Budget (OMB) Memorandum M-04-04, E-Authentication Guidance for Federal Agencies, which directs agencies to implement e-authentication methods based on their assessments of risks and the assurance levels required to protect systems and privacy; the steps in the e-authentication process; and the technical requirements for four assurance levels. References are provided to additional sources of information on e-authentication. |
| Citation: |
ITLB - |
| Pages: |
7 pp. |
| Keywords: |
authentication; authentication assurance; electronic authentication; electronic credentials; electronic transactions; identity proofing; information security; passwords; Personal Identity Verification; privacy; Public Key Infrastructure, risk assessments; risk management; security controls; system security; tokens |
| Research Areas: |
Information Technology, Computer Security, Cybersecurity |
| PDF version: |
 Click here to retrieve PDF version of paper (170KB) |
