Assurance

From MgmtWiki

Revision as of 15:09, 9 July 2018 by Tom (talk | contribs) (→‎References)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Full Title or Meme
2 Context
3 Problems
4 Solutions
5 References

Full Title or Meme

The level of trust that can be afforded a claim of an Identifier or Attribute.

Context

Some means for assuring the Web Site Security is required. See that page for details.
The rest of this page is about establishing a level of assurance for Personal Information about a User also known as a Subject.
NIST 800-63-3

Problems

In contexts where names are not validated (of low Assurance) the problem arises that trolls many adopt the name of some well-known person to be able to make statements that falsely appear to be from the real person.^[1]

Solutions

AAL1 ==> password
AAL2 ==> 2FA
AAL3 ==> U2F

References

Synonyms include: Validation.
↑ Jack Nicas, Oprah, Is That You? Most Likely, It's Not. 2-18-07-08 page BU1

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Assurance&oldid=1166"

Glossary