NIEF Minimum Authentication Process Profile, v1.0

This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements for subscriber authentication by NIEF Identity Provider Organizations (IDPOs).
Publication Date: 2017-05-18
Issuing Organization:
No Responder support@trustmarkinitiative.org 404-407-8956 75 5th Street NW, Suite 900, Atlanta, GA 30308
Keywords: There are no keywords.
Supersedes:
Legal Notice: This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TD_1 AND TD_2 AND TD_3 AND TD_4

References (4)

TD_1
This Trustmark Definition covers requirements on Credential Service Providers (CSPs) for mitigating threats of online guessing, replay, eavesdropping, and session hijacking to authentication processes.
TD_2
This Trustmark Definition covers basic requirements for subscriber authentication, done by Credential Service Providers (CSPs).
TD_3
This Trustmark Definition covers requirements on Credential Service Providers (CSPs) for weak resistance of the man-in-the-middle threat to authentication processes.
TD_4
This Trustmark Definition covers the use of approved cryptography, by Credential Service Providers (CSPs), for protecting session data during authentication processes.
Also available as XML or JSON