Skip to main content

NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin summarizes the information presented in NISTIR 7817, A Credential Reliability and Revocation Model for Federated Identities, written by Hildegard Ferraiolo. The publication analyzes the different types of digital credentials used in authenticating the identity of remote users of information systems and recommends practices to improve system security and information privacy. Topics discussed in the publication include challenges in managing the different types of identity services, recommendations for improving the process for the revocation of credentials when there are threats and risks to systems, and a proposal for the formation of a uniform reliability and revocation service that includes the participation of all parties of a federated community. The bulletin summarizes these topics and includes references to additional sources of information on identity management.
Citation
ITL Bulletin -

Keywords

authentication, identity credentials, identity management, identity management systems, information privacy, information security, information systems, security management, security risks, security threats

Citation

Radack, S. (2013), Managing Identity Requirements for Remote Users of Information Systems to Protect System Security and Information Privacy, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=913241 (Accessed October 14, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created January 29, 2013, Updated January 27, 2020
Was this page helpful?