Difference between revisions of "Assurance"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Solutions)
Line 13: Line 13:
  
 
==Solutions==
 
==Solutions==
 
+
A rather facile mapping of the NIST levels of [[Assurance]] to the processes known today is:
 
* AAL1 ==> password
 
* AAL1 ==> password
 
* AAL2 ==> 2FA
 
* AAL2 ==> 2FA

Revision as of 06:28, 8 August 2018

Full Title or Meme

The level of trust that can be afforded a claim of an Identifier or Attribute.

Context

Problems

  • In contexts where names are not validated (of low Assurance) the problem arises that trolls many adopt the name of some well-known person to be able to make statements that falsely appear to be from the real person.[1]

Solutions

A rather facile mapping of the NIST levels of Assurance to the processes known today is:

  • AAL1 ==> password
  • AAL2 ==> 2FA
  • AAL3 ==> U2F

References

  1. Synonyms include: Validated.
    1. Jack Nicas, Oprah, Is That You? Most Likely, It's Not. 2018-07-08 New York Times page BU1