482 MB | 3 files | PDF
This publication presents a methodology for assigning authentication strengths based on the strength of pair wise bindings between the five entities involved in smart card based authentications.
Smart cards (smart identity tokens) are now extensively deployed for identity verification, and are used in controlling access to both IT and physical resources. This publication presents a methodology for assigning authentication strengths based on the strength of pair wise bindings between the five entities involved in smart card based authentications – the card (token), the token secret, the card holder, the card issuer, and the person identifier stored in the card. NISTIR 7849 also illustrates how to use the methodology for developing an authentication assurance level taxonomy for two real-world smart identity token deployments.
The attached zip file includes:
This excerpt focuses on the conceptual aspects of defect management, including the basic concepts of a defect, how to manage defects, and an analysis of the root causes of defects. ... More >>
This document makes recommendations for how users and developers should select checklists from the NIST National Checklist Repository, evaluate and test checklists, and apply them to IT products. ... More >>
This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle. ... More >>