The NIST Special Publication (SP) 800-63 document suite provides technical requirements for federal agencies implementing digital identity services in a four-volume set: SP 800-63-3 Digital Identity Guidelines, SP 800-63A Enrollment and Identity Proofing, SP 800-63B Authentication and Lifecycle Management, and SP 800-63C Federation and Assertions . The publication provides security and privacy controls for digital identity management for designated levels of assurance, including: identity proofing, authentication and use of authenticators, and identity federation. SP 800-63-3 establishes risk-based processes for the assessment of risks for identity management activities and selection of appropriate assurance levels and controls. Organizations have the flexibility to choose the appropriate assurance level to meet their specific needs.
The Draft Fourth Revision of NIST SP 800-63, Digital Identity Guidelines is available for review, and we need your feedback! NIST will accept all input submitted until 11:59pm on April 14, 2023, through the following site: https://csrc.nist.gov/publications/detail/sp/800-63/4/draft.
NIST held a virtual event, Digital Identity Guidelines – Kicking off Revision 4!, on January 12, 2023. Presentation slides are available here.