1.1: Identification and Authentication Standards

Establish comprehensive identification and authentication standards based on defined risk models.

Other Information:

The development and adoption of national standards of practice for online identification and authentication processes is critical in promoting consistency and trust in a distributed online environment with radically diverse transaction types and diverse identity management solutions. A risk model provides the capability to assess and tailor the level of security to the risk of the transaction; it also provides a common understanding of the level of assurance required based upon the types of threats and the potential severity of impacts when conducting a particular type of transaction. These standards, which may be based on existing efforts within international standards organizations, will define how to remotely authenticate and govern, manage and execute the digital identity of users, devices, and services over open networks to provide the desired level of interoperability and security commensurate with the risk of the transaction. The standards must also enable consistency, while maintaining agility to adapt as security threats evolve and the market innovates.

Indicator(s):

Indicator:1

Content