.Framework supporting mutual acceptance, validation and lifecycle maintenance across identity federations.
# 框架支持相互認可,校驗和跨認證聯邦的生命週期維護.
.EAP Trust Framework and US e-Authentication Federation Credential Accessment Framework as baseline.
#以"EAP Trust Framework "和"US e-Authentication "聯邦信用訪問框架為底線
.Harmonized, best-of-breed industry identity assurance standard
. Identity credential policy #身份信用策略
. Business procedure and rule set #業務行程和規則集
. Baseline commerical terms #基本商業用語
. Guideline to foster inter-federation on a global scale
. it consists of 4 parts: #4個組成部份
. Assurance Levels # 保險級別
. Service Assessment Criteria # 服務評估規則
. Accreditation and Certification Model #鑒定認證模塊
. Business Rules #業務規則
IAF Assurance Levels
Four primary levels of Assurance:
. level 1 – little or no confidence in asserted identity’s validity #在身份校驗沒有機密
. level2 – Some confidence 一些機密
. level3 – High level of confidence 高級的機密
. level4 – Very high level of confidence 特高級機密
.Use of Assurance Level is determined by level of authentication necessary to mitigate risk in the transaction, as determined by the Relying Party
AL1 – PIN and Password
AL2 – Single Factor; Prove control of token through authentication protocol
AL3 – Multi-factor auth; Cryptpgraphic protocol; “soft”, “hard”, or “OTP” tokens
AL4 – Multi-factor auth w/hard token only; crypto protocol w/keys bound to auth process
博文
没有评论:
发表评论