Work item:
|
X.1254
|
Subject/title:
|
Entity authentication assurance framework
|
Status:
|
Approved on 2020-09-03 [Issued from previous study period]
|
Approval process:
|
TAP
|
Type of work item:
|
Recommendation
|
Version:
|
Rev.
|
Equivalent number:
|
-
|
Timing:
|
-
|
Liaison:
|
ISO/IEC JTC 1/SC 27/WG5
|
Supporting members:
|
-
|
Summary:
|
Recommendation ITU-T X.1254 defines three entity authentication assurance levels (i.e., AAL1 - AAL3), and the criteria and threats for each of the three levels of entity authentication assurance.
Additionally, it:
- specifies a framework for managing the assurance levels;
- provides guidance concerning control technologies that are to be used to mitigate authentication threats, based on a risk assessment;
- provides guidance for mapping the three levels of assurance to other authentication assurance schemas; and
- provides guidance for exchanging the results of authentication that are based on the three levels of assurance.
|
Comment:
|
related text is ISO/IEC 29115.
|
Reference(s):
|
|
|
Historic references:
|
Contact(s):
|
|
ITU-T A.5 justification(s): |
|
|
|
First registration in the WP:
2016-03-29 15:33:51
|
Last update:
2020-10-20 11:16:29
|