The IT Law Wiki


NIST, Information Security, NIST Special Publication 800-63 (Apr. 2006) (full-text).


This document provides technical guidance to federal agencies implementing electronic authentication. The recommendation covers remote authentication of users over open networks. It defines technical requirements for each of four levels of assurance in the areas of identity proofing, registration, tokens, authentication protocols and related assertions.

This document has been developed by the National Institute of Standards and Technology (NIST) in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Pub. L. No. 107-347.