This bulletin summarizes the information presented in NISTIR 7817, A Credential Reliability and Revocation Model for Federated Identities, written by Hildegard Ferraiolo. The publication analyzes the different types of digital credentials used in authenticating the identity of remote users of information systems and recommends practices to improve system security and information privacy. Topics discussed in the publication include challenges in managing the different types of identity services, recommendations for improving the process for the revocation of credentials when there are threats and risks to systems, and a proposal for the formation of a uniform reliability and revocation service that includes the participation of all parties of a federated community. The bulletin summarizes these topics and includes references to additional sources of information on identity management.
This bulletin summarizes the information presented in NISTIR 7817, A Credential Reliability and Revocation Model for Federated Identities, written by Hildegard Ferraiolo. The publication analyzes the different types of digital credentials used in authenticating the identity of remote users of...
See full abstract
This bulletin summarizes the information presented in NISTIR 7817, A Credential Reliability and Revocation Model for Federated Identities, written by Hildegard Ferraiolo. The publication analyzes the different types of digital credentials used in authenticating the identity of remote users of information systems and recommends practices to improve system security and information privacy. Topics discussed in the publication include challenges in managing the different types of identity services, recommendations for improving the process for the revocation of credentials when there are threats and risks to systems, and a proposal for the formation of a uniform reliability and revocation service that includes the participation of all parties of a federated community. The bulletin summarizes these topics and includes references to additional sources of information on identity management.
Hide full abstract
Keywords
authentication; identity credentials; identity management; identity management systems; information privacy; information security; information systems; security management; security risks; security threats