Electronic Authentication Guidelines

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology » | Visit National Institute of Standards and Technology »

From National Institute of Standards and Technology | Dec 1, 2010

Electronic authentication (E-authentication) is the process of establishing confidence in user identities electronically presented to an information system. E-authentication presents a technical challenge when this process involves the remote authentication of individual people over a network for the purposes of electronic government and commerce. This recommendation provides technical guidelines to agencies to allow an individual to remotely authenticate his or her identity to a Federal IT system. These guidelines address only traditional, widely implemented methods for remote authentication based on secrets. With these methods, the individual to be authenticated proves that he or she knows or possesses some secret information.

The attached Zip file includes:

• Intro Page.doc
• Cover Sheet and Terms.doc
• Electronic Authentication Guidelines.pdf

Related IT Downloads

• 

  Guide to Computer Security Log Management

  TUTORIALS

  Log data must be secure and your team must closely monitor it.

• 

  Guide to Using Vulnerability Naming Schemes

  TUTORIALS

  This NIST publication explains how organizations can use the Common Vulnerabilities and Exposures (CVE) and Common Configuration Enumeration (CCE) naming schemes to manage and minimize IT system vulnerabilities.

• 

  File Sharing and File Transfer Policy

  POLICIES

  Use this template to ensure that employees understand the rules against peer-to-peer file sharing and the consequences for breaking them.