Authentication Standard

From GM-RKB

Jump to navigation Jump to search

An Authentication Standard is a security standard that defines authentication protocols and authentication requirements to establish identity verification procedures across authentication systems.

AKA: Identity Verification Standard, Authentication Protocol Standard, Access Verification Standard.
Context:
- It can typically specify Authentication Factor Requirements for authentication security levels.
- It can typically define Authentication Protocol Specifications through authentication message formats.
- It can typically establish Authentication Compliance Criteria for authentication implementations.
- It can typically mandate Authentication Security Controls against authentication threats.
- It can typically provide Authentication Interoperability Rules between authentication systems.
- ...
- It can often include Authentication Test Suites for authentication conformance testing.
- It can often specify Authentication Metadata Formats for authentication assertions.
- It can often define Authentication Error Handling for authentication failure scenarios.
- It can often establish Authentication Privacy Requirements for authentication data protection.
- ...
- It can range from being a Single-Factor Authentication Standard to being a Multi-Factor Authentication Standard, depending on its authentication factor requirements.
- It can range from being a Basic Authentication Standard to being a Advanced Authentication Standard, depending on its authentication security sophistication.
- ...
- It can integrate with Identity Management Systems for authentication service deployment.
- It can interface with Security Frameworks for authentication policy enforcement.
- It can connect to Compliance Management Systems for authentication audit support.
- It can work with Authentication Service Providers for authentication implementation guidance.
- ...
Example(s):
- Modern Authentication Standards, such as:
  - Passwordless Authentication Standards, such as:
    - FIDO2 Authentication Standard enabling authentication public key cryptography.
    - WebAuthn Authentication Standard supporting authentication web applications.
  - Multi-Factor Authentication Standards, such as:
    - NIST Authentication Standard defining authentication assurance levels.
    - ISO 29115 Authentication Standard establishing authentication entity requirements.
- Legacy Authentication Standards, such as:
  - Password-Based Authentication Standards, such as:
    - RADIUS Authentication Standard for authentication network access.
    - Kerberos Authentication Standard using authentication tickets.
  - Token-Based Authentication Standards, such as:
    - OATH Authentication Standard for authentication OTP generation.
    - SAML Authentication Standard enabling authentication assertion exchange.
- ...
Counter-Example(s):
- Encryption Standard, which defines data protection methods rather than authentication identity verification.
- Authorization Standard, which specifies access control rules rather than authentication protocols.
- Security Policy, which provides security guidelines rather than authentication technical specifications.
See: Security Standard, Authentication Protocol, Identity Management, Access Control Standard.

Retrieved from "http://www.gabormelli.com/RKB/index.php?title=Authentication_Standard&oldid=951809"