Abstract
NIST Special Publication 800-63-3 presents a new risk management concept on digital identity. It includes various harm categories to determine an appropriate assurance level for identity proofing, authentication, and federation. These three distinct approaches are highlighted to give flexibility in protecting systems. This paper explores if this is a realized flexibility by developing a tool to test assurance level and component flexibility. It also identifies appropriate MFA levels given different levels of risks and makes three recommendations to help improve the adoption of the NIST digital identity guidelines.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Paper version not known
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Conference on Cyber Warfare and Security
Paper Title
Journal
Date
