Electronic Authentication Guideline

Burr, William E.; Dodson, Donna F.; Newton, Elaine M.; Perlner, Ray A.; Polk, Tim; Gupta, Sarbari; Nabbus, Ebad A.

doi:10.6028/nist.sp.800-63-2

Cited by 56 publications

(54 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These methods are analyzed in Sections 5 and 6 for the public safety disciplines of Fire, EMS, and Law Enforcement. Although not an exhaustive list, the authentication methods in this section are an expanded set of those presented in NIST Special Publication (SP) 800-63-2 [11] and NISTIR 8014, Considerations for Identity Management in Public Safety Mobile Networks, [2]. Topics such as identity management, authentication factors, and user and device identity are all addressed in NISTIR 8014, and act as a foundation for the current effort.…”

Section: Authentication Methods Under Reviewmentioning

confidence: 99%

Usability and Security Considerations for Public Safety Mobile Authentication

Choong¹,

Franklin²,

Greene³

2016

View full text Add to dashboard Cite

Section: Authentication Methods Under Reviewmentioning

confidence: 99%

Usability and Security Considerations for Public Safety Mobile Authentication

Choong¹,

Franklin²,

Greene³

2016

View full text Add to dashboard Cite

“…NIST SP 800-63-2 defines remote authentication as "An information exchange between networkconnected devices where the information cannot be reliably protected end-to-end by a single organization's security controls." [1] Assessing the strength of an authentication scheme is a difficult task and, as previously stated, the use of multi-factor tokens provides greater assurance. While tokens may support one, two, or three factors, it is possible that the chosen authentication scheme will not require all three factors at all times.…”

Section: Authenticationmentioning

confidence: 99%

“…NIST SP 800-63-2 was designed to supplement OMB M-04-04 by providing guidelines for implementing the third step of OMB's process for agencies to meet their e-authentication assurance requirementsselecting a technology based on e-authentication technical guidance [1]. It is important to note that NIST SP 800-63-2 solely provides guidance for remote authentication -local authentication is not considered.…”

Section: Nist Special Publication 800-63-2: Electronic Authenticationmentioning

confidence: 99%

“… Appendix A defines selected acronyms and abbreviations used in this specification,  Appendix B contains a list of references used in the development of this document,  Appendix C summarizes the NIST Special Publication (SP) 800-63-2 [1] registration and issuance requirements,  Appendix D summarizes the NIST SP 800-63-2 requirements for token selection,…”

Section: Document Structurementioning

confidence: 99%

“…No empty answers allowed 13 In NIST Special Publication 800-63-2, Appendix A, "Estimating Entropy and Strength" provides guidance on estimating the strength of randomly and user-generated passwords [1].…”

Section: Pre-registered Knowledge Token (Something Youmentioning

confidence: 99%

See 2 more Smart Citations

Consideration for Identity Management in Public Safety Mobile Networks

Hastings

Franklin²

2015

View full text Add to dashboard Cite

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation's measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL's responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in Federal information systems. AbstractThis document analyzes approaches to identity management for public safety networks in an effort to assist individuals developing technical and policy requirements for public safety use. These considerations are scoped into the context of their applicability to public safety communications networks with a particular focus on the nationwide public safety broadband network (NPSBN) based on the Long Term Evolution (LTE) family of standards. A short background on identity management is provided alongside a review of applicable federal and industry guidance. Considerations are provided for identity proofing, selecting tokens, and the authentication process. While specific identity management technologies are analyzed, the document does not preclude other identity management technologies from being used in public safety communications networks.

show abstract

Fast heuristic approach for control of complex authentication systems

Toragay

Silva

2021

Appl Stoch Models Bus & Ind

View full text Add to dashboard Cite

In secure networks, the authentication process, which verifies a user's identity, is a sensitive operation. Balancing the authentication process's security and usability while keeping operating costs low is a major challenge. We investigate this process in a secure system that has multiple authentication methods available. The goal is to find a fast and easy‐to‐implement approach to assign incoming requests to authentication methods in a way that balances cost, usability, and security. We model the system as a continuous‐time, infinite‐horizon Markov Decision Process. Then, we propose a new, fast heuristic approach to solve the problem, as the curse of dimensionality limits the effectiveness of exact methods. The proposed heuristic uses closed‐form approximations to define threshold policies that are easily implementable. Numerical experiments show that our approach yields robust, near‐optimal solutions, with high accuracy, for a wide range of problem instances.

show abstract

Electronic Authentication Guideline

Cited by 56 publications

References 0 publications

Usability and Security Considerations for Public Safety Mobile Authentication

Usability and Security Considerations for Public Safety Mobile Authentication

Consideration for Identity Management in Public Safety Mobile Networks

Fast heuristic approach for control of complex authentication systems

Contact Info

Product

Resources

About