NIST Special Publication 800-63 Electronic Authentication Guideline

This is a Hard copy of the NIST Special Publication 800-63, Electronic Authentication Guideline. This recommendation provides technical guidance to Federal agencies implementing electronic authentication. The recommendation covers remote authentication of users over open networks. It defines technical requirements for each of four levels of assurance in the areas of identity proofing, registration, tokens, authentication protocols and related assertions.This document states specific technical requirements for each of the four levels of assurance in the following areas: Tokens (typically a cryptographic key or password) for proving identity, Identity proofing, registration and the delivery of credentials which bind an identity to a token, Remote authentication mechanisms, that is the combination of credentials, tokens and authentication protocols used to establish that a claimant is in fact the subscriber he or she claims to be, Assertion mechanisms used to communicate the results of a remote authentication to other parties. The overall authentication assurance level is determined by the lowest assurance level achieved in any of the four areas listed above. This technical guidance covers remote electronic authentication of human users to Federal agency IT systems over a network. It does not address the authentication of a person who is physically present, for example for access to buildings, although some credentials and tokens that are used remotely may also be used for local authentication. While this technical guidance does, in many cases, establish requirements that Federal IT systems and service providers participating in authentication protocols be authenticated to subscribers, it does not specifically address machine-to-machine (such as router-to-router) authentication, nor does this guidance establish specific requirements for issuing authentication credentials and tokens to machines and servers when they are used in e-authentication protocols with people.Disclaimer This hardcopy is not published by National Institute of Standards and Technology (NIST), the US Government or US Department of Commerce. The publication of this document should not in any way imply any relationship or affiliation to the above named organizations and Government.