NIST 800-63A provides a framework with three assurance levels, each setting increasingly stringent requirements – mapping claimed identity attributes to real identities, validating attributes, and restricting scalable attacks. CSPs may offer multiple verification pathways that are tailored to the use cases, populations and threat environment of an online service. CSPs should communicate the pathway used by their assertion and APIs …
Internationalists in Training
Internationalists in Training