2023 Marymount University Cybersecurity Celebration
Hosted by: Marymount University
Date: May 19, 2023
Venue: Arlington, VA
Details:
Digital Insanity: Exploring the Flexibility of NIST Digital Identity Assurance Levels
NIST Special Publication 800-63-3 presents a new risk management concept on digital identity. It includes various harm categories to determine an appropriate assurance level for identity proofing, authentication, and federation. These three distinct approaches are highlighted to give flexibility in protecting systems. This paper explores if this is a realized flexibility by developing a tool to test assurance level and component flexibility. It also identifies appropriate MFA levels given different levels of risks and makes three recommendations to help improve the adoption of the NIST digital identity guidelines.
Keywords: Assurance Level, Digital Identity Risk Assessment, Digital Identity, Identity Proofing, Authenticator, Federation