FICAM LOA 3 Profile, v1.0
This Trust Interoperability Profile specifies the requirements for a CSP to meet FICAM LOA 3.
|Keywords:||There are no keywords.|
|Legal Notice:||This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.|
This Trust Interoperability Profile specifies FICAM LOA 3 requirements on subscriber registration and credential issuance by CSPs. This TIP is equivalent to the NIST 800-63 LOA 3 Registration and Issuance Profile, with the sole exception being that this TIP does not allow the use of derived credentials.
This Trust Interoperability Profile specifies NIST 800-63 LOA 3 token strength requirements, and token-specific authentication requirements on CSPs.
This Trust Interoperability Profile specifies NIST 800-63 LOA 3 requirements on the management of authentication tokens and credentials by CSPs, as adopted by FICAM. This Profile does not the include security control requirements stated in NIST 800-63. Credential storage requirements from NIST 800-63 are not covered in this TIP, but are covered in the NIST 800-63 Token Type Specific Strength and Authentication Profiles, specifically for shared secret tokens.
This Trust Interoperability Profile specifies NIST 800-63 LOA 3 requirements on subscriber authentication by CSPs.