Thursday, November 21, 2019
Front-end Web Essay Example | Topics and Well Written Essays - 1500 words
Front-end Web - Essay Example ne criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. The LIAF will also establish Credential Assessment Profiles (CAPs) for each level of assurance that will be published and updated as needed to account for technological advances and preferred practice and policy updates. Managing risk in electronic transactions requires authentication and identity information management processes that provide an appropriate level of assurance of identity. Each level describes a different degree of certainty in the identity of the claimant, because different levels of risk are associated with different electronic transactions. For authentication purposes, the claimant is required to prove that he or she controls the token, through a secure authentication protocol. The claimant must also unlock the token first using a biometric or password, and use the password to establish 2-factor authentication in a secure authentication protocol. Whenever Long-term shared authentication secrets used, they are revealed only to the verifiers and claimant operated directly by the CSP (Credentials Service Provider), although temporary or session shared secrets may be disclosed to independent verifiers by the Credentials Service Provider. Approved cryptographic techniques are used for all operations. Assertions issued about claimants as a result of a successful authentication are either cryptographically authenticated by relying parties, or are obtained directly from a trusted party via a secure authentication protocol. (Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review. Retrieved from Level 4 is based on proof of possession of a key through a cryptographic protocol. This Level is like to Level 3 but allows only hard cryptographic tokens, in the form of a physical token that cannot be copied readily. There is requirement of strong cryptographic
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.