This bulletin summarizes the information presented in NIST Special Publication (SP) 800-63-1, Electronic Authentication Guideline. This revised guideline, which supersedes an earlier guideline, NIST SP 800-63, updates information about, and recommendations for the secure implementation of electronic authentication methods, reflecting changing technology and current uses of e-authentication techniques. SP 800-63-1 provides technical guidelines to assist agencies in authenticating individuals remotely accessing Federal information technology (IT) systems. The bulletin covers Office of Management and Budget (OMB) Memorandum M-04-04, E-Authentication Guidance for Federal Agencies, which directs agencies to implement e-authentication methods based on their assessments of risks and the assurance levels required to protect systems and privacy; the steps in the e-authentication process; and the technical requirements for four assurance levels. References are provided to additional sources of information on e-authentication.
Citation: ITL Bulletin -
NIST Pub Series: ITL Bulletin
Pub Type: NIST Pubs
authentication, authentication assurance, electronic authentication, electronic credentials, electronic transactions, identity proofing, information security, passwords, Personal Identity Verification, privacy, Public Key Infrastructure, risk assessments, risk management, security controls, system security, tokens