Difference between revisions of "Software Statement"
From MgmtWiki
(Created page with "==Full Title or Meme== A json document that describes the provenance, certification and operational environment of an implementation of a software package on a computing machi...") |
(→Context) |
||
| Line 3: | Line 3: | ||
==Context== | ==Context== | ||
# In determining an authentication assurance level (NIST 800-63-3B AAL2 or 3) a website needs to see some sort of attestation statement that can be used to determine the level of assurance that a user's credential will not be exposed. | # In determining an authentication assurance level (NIST 800-63-3B AAL2 or 3) a website needs to see some sort of attestation statement that can be used to determine the level of assurance that a user's credential will not be exposed. | ||
| + | ==Problems or Threats== | ||
| + | # Spoofing the user by acquiring access to the user's authentication credentials. | ||
| + | |||
==References== | ==References== | ||
[[Category:Glossary]] | [[Category:Glossary]] | ||
[[Category:Authentication]] | [[Category:Authentication]] | ||
Revision as of 15:42, 20 February 2020
Full Title or Meme
A json document that describes the provenance, certification and operational environment of an implementation of a software package on a computing machine.
Context
- In determining an authentication assurance level (NIST 800-63-3B AAL2 or 3) a website needs to see some sort of attestation statement that can be used to determine the level of assurance that a user's credential will not be exposed.
Problems or Threats
- Spoofing the user by acquiring access to the user's authentication credentials.
