Guideline on Identity Assurance

Supports implementation of the minimum requirements for establishing the identity of an individual to a given level of assurance.

Date modified: 2016-03-04

Supporting tools

Guidelines:

Authentication Requirements, Guideline on Defining

Standard:

Standard on Identity and Credential Assurance, Directive on Identity Management - Appendix A

More information

Directive:

Identity Management, Directive on

Terminology:

Glossary

Hierarchy

Identity Management, Directive on
- Guideline on Identity Assurance
  - Authentication Requirements, Guideline on Defining
  - Standard on Identity and Credential Assurance, Directive on Identity Management - Appendix A

View complete hierarchy

Print-friendly XML

Long description for image: /pol-cont/30678-01-eng.JPG

The Guideline on Defining Authentication Requirements defines a two-step process. Step 1: Determine assurance level requirement, and Step 2: Determine authentication options, including compensating factors and other safeguards.

The Guideline on Defining Authentication Requirements provides an output of Identity Assurance Level Request that used as input into the Guideline on Identity Assurance. The Guideline on Identity Assurance, taking into account identity context, is used to assist implementing identity assurance level requirements.

The Guideline on Defining Authentication Requirements also provides the outputs of Credential Assurance Requirement and Authentication Requirements. These are used as inputs into ITSG-31 User Authentication Guidance for IT Systems and ITSG-33 IT Security Risk Management: A Lifecycle Approach.

When taken together, the outputs of the guidelines may be used to assist in the decisions of federating credentials or federating identity, which are enablers to federation.

Return to the Complete Text

Report a problem or mistake on this page

Date modified:: 2017-08-24