NIEF Minimum Authentication Process Profile, v1.0
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements for subscriber authentication by NIEF Identity Provider Organizations (IDPOs).
|Keywords:||There are no keywords.|
|Legal Notice:||This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.|
This Trustmark Definition covers requirements on Credential Service Providers (CSPs) for mitigating threats of online guessing, replay, eavesdropping, and session hijacking to authentication processes.
This Trustmark Definition covers basic requirements for subscriber authentication, done by Credential Service Providers (CSPs).
This Trustmark Definition covers requirements on Credential Service Providers (CSPs) for weak resistance of the man-in-the-middle threat to authentication processes.
This Trustmark Definition covers the use of approved cryptography, by Credential Service Providers (CSPs), for protecting session data during authentication processes.