SummaryRecommendation ITU-T X.1254 specifies three entity authentication assurance levels (AALs), and criteria for and threats to each of them. Additionally, it: • establishes a framework for managing AALs; • provides guidance concerning control technologies that are to be used to mitigate authentication threats, based on a risk assessment; • provides guidance for mapping the three AALs to other authentication assurance schemas; and • provides guidance for exchanging the results of authentication that are based on the three AALs. |