NIST Digital Identity Guidelines
The NIST Digital Identity Guidelines is the Special Publication 800-63-3 of the National Institute of Standards and Technology of the United States Department of Commerce.
- Access. To make contact with one or more discrete functions of an online, digital service.
- Active Attack. An attack on the authentication protocol where the attacker transmits data to the claimant, Credential Service Provider (CSP), verifier, or Relying Party (RP). Examples of active attacks include man-in-the-middle (MitM), impersonation, and session hijacking.
- Address of Record. The validated and verified location (physical or digital) where an individual can receive communications using approved mechanisms.
- Applicant. A subject undergoing the processes of enrollment and identity proofing.
- Approved Cryptography Federal Information Processing Standard (FIPS)-approved or NIST recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, or 2) adopted in a FIPS or NIST Recommendation.
- Assertion. A statement from a verifier to an RP that contains information about a subscriber. Assertions may also contain verified attributes.
- Assertion Reference. A data object, created in conjunction with an assertion, which identifies the verifier and includes a pointer to the full assertion held by the verifier.
- Asymmetric Keys. Two related keys, comprised of a public key and a private key, which are used to perform complementary operations such as encryption and decryption or signature verification and generation.
- Attack. An unauthorized entity’s attempt to fool a verifier or RP into believing that the unauthorized individual in question is the subscriber.
- Attacker. A party, including an insider, who acts with malicious intent to compromise a system.
- Attribute. A quality or characteristic ascribed to someone or something.
- Attribute Bundle. A packaged set of attributes, usually contained within an assertion. Attribute bundles offer RPs a simple way to retrieve the most relevant attributes they need from IdPs. Attribute bundles are synonymous with OpenID Connect scopes [OpenID Connect Core 1.0].
- Attribute Reference. A statement asserting a property of a subscriber without necessarily containing identity information, independent of format. For example, for the attribute “birthday,” a reference could be “older than 18” or “born in December.”
- Attribute Value. A complete statement asserting a property of a subscriber, independent of format. For example, for the attribute “birthday,” a value could be “12/1/1980” or “December 1, 1980.”
- Authenticate. See Authentication.
- Authenticated Protected Channel. An encrypted communication channel that uses approved cryptography where the connection initiator (client) has authenticated the recipient (server). Authenticated protected channels provide confidentiality and MitM protection and are frequently used in the user authentication process. Transport Layer Security (TLS) [BCP 195] is an example of an authenticated protected channel where the certificate presented by the recipient is verified by the initiator. Unless otherwise specified, authenticated protected channels do not require the server to authenticate the client. Authentication of the server is often accomplished through a certificate chain leading to a trusted root rather than individually with each server.
- Authentication. Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to a system’s resources.
- Authentication Factor. The three types of authentication factors are something you know, something you have, andsomething you are. Every authenticator has one or more authentication factors.
- Authentication Intent. The process of confirming the claimant’s intent to authenticate or re-authenticate by including a process requiring user intervention in the authentication flow. Some authenticators (e.g., OTP devices) establish authentication intent as part of their operation, others require a specific step, such as pressing a button, to establish intent. Authentication intent is a countermeasure against use by malware of the endpoint as a proxy for authenticating an attacker without the subscriber’s knowledge.
- Authentication Protocol. A defined sequence of messages between a claimant and a verifier that demonstrates that the claimant has possession and control of one or more valid authenticators to establish their identity, and, optionally, demonstrates that the claimant is communicating with the intended verifier.
- Authentication Protocol Run. An exchange of messages between a claimant and a verifier that results in authentication (or authentication failure) between the two parties.
- Authentication Secret. A generic term for any secret value that an attacker could use to impersonate the subscriber in an authentication protocol.These are further divided into short-term authentication secrets, which are only useful to an attacker for a limited period of time, andlong-term authentication secrets, which allow an attacker to impersonate the subscriber until they are manually reset. The authenticator secret is the canonical example of a long-term authentication secret, while the authenticator output, if it is different from the authenticator secret, is usually a short-term authentication secret.
- Authenticator. Something the claimant possesses and controls (typically a cryptographic module or password) that is used to authenticate the claimant’s identity. In previous editions of SP 800-63, this was referred to as a token.
- Authenticator Assurance Level (AAL). A category describing the strength of the authentication process.
- Authenticator Output. The output value generated by an authenticator. The ability to generate valid authenticator outputs on demand proves that the claimant possesses and controls the authenticator. Protocol messages sent to the verifier are dependent upon the authenticator output, but they may or may not explicitly contain it.
- Authenticator Secret. The secret value contained within an authenticator.
- Authenticator Type. A category of authenticators with common characteristics. Some authenticator types provide one authentication factor, others provide two.
- Authenticity. The property that data originated from its purported source.
- Authoritative Source. An entity that has access to, or verified copies of, accurate information from an issuing source such that a CSP can confirm the validity of the identity evidence supplied by an applicant during identity proofing. An issuing source may also be an authoritative source. Often, authoritative sources are determined by a policy decision of the agency or CSP before they can be used in the identity proofing validation phase.
- Authorization Component. A set of data items issued to an RP by an IdP during an identity federation transaction that grants the RP authorized access to a set of APIs (e.g., an OAuth access token). This credential can be separate from the assertion provided by the federation protocol (e.g., an OpenID Connect ID Token).
- Authorize. A decision to grant access, typically automated by evaluating a subject’s attributes.
- Back-Channel Communication. Communication between two systems that relies on a direct connection (allowing for standard protocol-level proxies), without using redirects through an intermediary such as a browser. This can be accomplished using HTTP requests and responses.
- Bearer Assertion. The assertion a party presents as proof of identity, where possession of the assertion itself is sufficient proof of identity for the assertion bearer.
- Binding. An association between a subscriber identity and an authenticator or given subscriber session.
- Biometrics. Automated recognition of individuals based on their biological and behavioral characteristics.
- Challenge-Response Protocol. An authentication protocol where the verifier sends the claimant a challenge (usually a random value or nonce) that the claimant combines with a secret (such as by hashing the challenge and a shared secret together, or by applying a private key operation to the challenge) to generate a response that is sent to the verifier. The verifier can independently verify the response generated by the claimant (such as by re-computing the hash of the challenge and the shared secret and comparing to the response, or performing a public key operation on the response) and establish that the claimant possesses and controls the secret.
- Claimant. A subject whose identity is to be verified using one or more authentication protocols.
- Claimed Address. The physical location asserted by a subject where they can be reached. It includes the individual’s residential street address and may also include their mailing address.For example, a person with a foreign passport living in the U.S. will need to give an address when going through the identity proofing process. This address would not be an “address of record” but a “claimed address.”
- Claimed Identity. An applicant’s declaration of unvalidated and unverified personal attributes.
- Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). An interactive feature added to web forms to distinguish whether a human or automated agent is using the form. Typically, it requires entering text corresponding to a distorted image or a sound stream.
- Credential. An object or data structure that authoritatively binds an identity - via an identifier or identifiers -and (optionally) additional attributes, to at least one authenticator possessed and controlled by a subscriber.While common usage often assumes that the subscriber maintains the credential, these guidelines also use the term to refer to electronic records maintained by the CSP that establish binding between the subscriber’s authenticator(s) and identity.
- Credential Service Provider (CSP). A trusted entity that issues or registers subscriber authenticators and issues electronic credentials to subscribers. A CSP may be an independent third party or issue credentials for its own use.
- Cross-site Request Forgery (CSRF). An attack in which a subscriber currently authenticated to an RP and connected through a secure session browses to an attacker’s website, causing the subscriber to unknowingly invoke unwanted actions at the RP.For example, if a bank website is vulnerable to a CSRF attack, it may be possible for a subscriber to unintentionally authorize a large money transfer, merely by viewing a malicious link in a webmail message while a connection to the bank is open in another browser window.
- Cross-site Scripting (XSS). A vulnerability that allows attackers to inject malicious code into an otherwise benign website. These scripts acquire the permissions of scripts generated by the target website and can therefore compromise the confidentiality and integrity of data transfers between the website and client. Websites are vulnerable if they display user-supplied data from requests or forms without sanitizing the data so that it is not executable.
- Cryptographic Authenticator. An authenticator where the secret is a cryptographic key.
- Cryptographic Key. A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. For the purposes of these guidelines, key requirements shall meet the minimum requirements stated in Table 2 of NIST SP 800-57 Part 1.See also Asymmetric Keys, Symmetric Key.
- Cryptographic Module. A set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation).
- Data Integrity. The property that data has not been altered by an unauthorized entity.
- Derived Credential. A credential issued based on proof of possession and control of an authenticator associated with a previously issued credential, so as not to duplicate the identity proofing process.
- Digital Authentication. The process of establishing confidence in user identities presented digitally to a system. In previous editions of SP 800-63, this was referred to as Electronic Authentication.
- Digital Signature. An asymmetric key operation where the private key is used to digitally sign data and the public key is used to verify the signature. Digital signatures provide authenticity protection, integrity protection, and non-repudiation, but not confidentiality protection.
- Disassociability. Per NISTIR8062: Enabling the processing of PII or events without association to individuals or devices beyond the operational requirements of the system. DiversionaryIn regards to KBV, a multiple-choice question for which all answers provided are incorrect, requiring the applicant to select an option similar to “none of the above.”
- Eavesdropping Attack. An attack in which an attacker listens passively to the authentication protocol to capture information that can be used in a subsequent active attack to masquerade as the claimant.
- Electronic Authentication (E-Authentication). See Digital Authentication.
- Enrollment. The process through which an applicant applies to become a subscriber of a CSP and the CSP validates the applicant’s identity.
- Entropy. A measure of the amount of uncertainty an attacker faces to determine the value of a secret. Entropy is usually stated in bits. A value having n bits of entropy has the same degree of uncertainty as a uniformly distributed n- bit random value.
- Federal Information Processing Standard (FIPS). Under the Information Technology Management Reform Act (Public Law 104-106), the Secretary of Commerce approves the standards and guidelines that the National Institute of Standards and Technology (NIST) develops for federal computer systems. NIST issues these standards and guidelines as Federal Information Processing Standards (FIPS) for government-wide use. NIST develops FIPS when there are compelling federal government requirements, such as for security and interoperability, and there are no acceptable industry standards or solutions. See background information for more details. FIPS documents are available online on the FIPS home page: http://www.nist.gov/itl/fips.cfm
- Federation. A process that allows the conveyance of identity and authentication information across a set of networked systems.
- Federation Assurance Level (FAL). A category describing the assertion protocol used by the federation to communicate authentication and attribute information (if applicable) to an RP.
- Federation Proxy. A component that acts as a logical RP to a set of IdPs and a logical IdP to a set of RPs, bridging the two systems with a single component. These are sometimes referred to as “brokers”.
- Front-Channel Communication. Communication between two systems that relies on redirects through an intermediary such as a browser. This is normally accomplished by appending HTTP query parameters to URLs hosted by the receiver of the message.
- Hash Function. A function that maps a bit string of arbitrary length to a fixed-length bit string. Approved hash functions satisfy the following properties:One-way - It is computationally infeasible to find any input that maps to any pre-specified output; and Collision resistant - It is computationally infeasible to find any two distinct inputs that map to the same output.
- Identity. An attribute or set of attributes that uniquely describe a subject within a given context.
- Identity Assurance Level (IAL). A category that conveys the degree of confidence that the applicant’s claimed identity is their real identity.
- Identity Evidence. Information or documentation provided by the applicant to support the claimed identity. Identity evidence may be physical (e.g. a driver license) or digital (e.g. an assertion generated and issued by a CSP based on the applicant successfully authenticating to the CSP).
- Identity Proofing. The process by which a CSP collects, validates, and verifies information about a person.
- Identity Provider (IdP). The party that manages the subscriber’s primary authentication credentials and issues assertions derived from those credentials. This is commonly the CSP as discussed within this document suite.
- Issuing Source. An authority responsible for the generation of data, digital evidence (such as assertions), or physical documents that can be used as identity evidence.
- Kerberos. A widely used authentication protocol developed at MIT. In “classic” Kerberos, users share a secret password with a Key Distribution Center (KDC). The user (Alice) who wishes to communicate with another user (Bob) authenticates to the KDC and the KDC furnishes a “ticket” to use to authenticate with Bob.