NIEF Moderate Token Strength and Authentication Profile, v1.0

This is a candidate Trust Interoperability Profile that specifies a proposed set of requirements for "moderate" (multi-factor) token strength and token-specific authentication policies and procedures implemented by NIEF Identity Provider Organizations (IDPOs).
Publication Date: 2017-05-18
Issuing Organization:
No Responder support@trustmarkinitiative.org 404-407-8956 75 5th Street NW, Suite 900, Atlanta, GA 30308
Keywords: There are no keywords.
Supersedes:
Legal Notice: This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TIP_1 OR TIP_2 OR TIP_3 OR ( TIP_10 AND TIP_12 ) OR ( TIP_10 AND TIP_14 ) OR ( TIP_10 AND TIP_16 ) OR ( TIP_10 AND TD_2 ) OR ( TIP_17 AND TIP_12 ) OR ( TIP_17 AND TIP_14 ) OR ( TIP_17 AND TIP_16 ) OR ( TIP_17 AND TD_2 )

References (19)

TIP_1
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements on the implementation and strength of multi-factor software cryptographic tokens, and the use of these tokens for subscriber authentication, by NIEF Identity Provider Organizations (IDPOs).
TIP_2
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements on the implementation and strength of multi-factor one-time-password tokens, and the use of these tokens for subscriber authentication, by NIEF Identity Provider Organizations (IDPOs).
TIP_3
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements on the implementation and strength of multi-factor hardware cryptographic tokens, and the use of these tokens for subscriber authentication, by NIEF Identity Provider Organizations (IDPOs).
TIP_4
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of memorized secret tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_5
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of look-up tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_6
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of memorized secret tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_7
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of out-of-band tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_8
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of memorized secret tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_9
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements on the implementation and strength of single-factor one-time-password device tokens, and the use of these tokens for subscriber authentication, by NIEF Identity Provider Organizations (IDPOs).
TIP_10
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of memorized secret tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_11
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of pre-registered knowledge tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_12
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of look-up tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_13
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of pre-registered knowledge tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_14
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of out-of-band tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_15
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of pre-registered knowledge tokens, and the use of these tokens for subscriber authentication by CSPs.
TIP_16
This is a candidate Trust Interoperability Profile that specifies a proposed minimum set of requirements on the implementation and strength of single-factor one-time-password device tokens, and the use of these tokens for subscriber authentication, by NIEF Identity Provider Organizations (IDPOs).
TIP_17
This Trust Interoperability Profile specifies NIST 800-63 LOA 2 requirements on the implementation and strength of pre-registered knowledge tokens, and the use of these tokens for subscriber authentication by CSPs.
TD_1
This Trustmark Definition covers entropy requirements for single-factor cryptographic device token authentication done by Credential Service Providers (CSPs).
TD_2
This Trustmark Definition covers entropy requirements for single-factor cryptographic device token authentication done by Credential Service Providers (CSPs).
Also available as XML or JSON