Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Shirley M. Radack;|
|Title:||Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of their Information Systems|
|Published:||December 22, 2011|
|Abstract:||This bulletin summarizes the information presented in NIST Special Publication (SP) 800-63-1, Electronic Authentication Guideline. This revised guideline, which supersedes an earlier guideline, NIST SP 800-63, updates information about, and recommendations for the secure implementation of electronic authentication methods, reflecting changing technology and current uses of e-authentication techniques. SP 800-63-1 provides technical guidelines to assist agencies in authenticating individuals remotely accessing Federal information technology (IT) systems. The bulletin covers Office of Management and Budget (OMB) Memorandum M-04-04, E-Authentication Guidance for Federal Agencies, which directs agencies to implement e-authentication methods based on their assessments of risks and the assurance levels required to protect systems and privacy; the steps in the e-authentication process; and the technical requirements for four assurance levels. References are provided to additional sources of information on e-authentication.|
|Keywords:||authentication, authentication assurance, electronic authentication, electronic credentials, electronic transactions, identity proofing, information security, passwords, Personal Identity Verification, privacy, Public Key Infrastructure, risk assessments, risk management, security controls, system security, tokens|
|Research Areas:||Information Technology, Computer Security, Cybersecurity|
|PDF version:||Click here to retrieve PDF version of paper (174KB)|