NIEF TPAT | TIP: NIEF Simple Authenticator Assurance Profile for Access to Leadership Protection Data

NIEF Simple Authenticator Assurance Profile for Access to Leadership Protection Data, v1.0

Profile of authenticator assurance requirements from NIST Special Publication 800-63B for systems that handle the Leadership Protection information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.4. Leadership protection involves all activities performed to protect the health and well being of the president, vice-president, their families, and other high-level government officials. Some leadership protection information may be classified. All classified information is treated under separate rules established for national security information and is outside the scope of this guideline. Systems that handle Leadership Protection information should operate at an impact level of MODERATE confidentiality, LOW integrity, and LOW availability, as recommended by NIST. NOTE: This "simple" profile does NOT contain NIST 800-63B authenticator assurance requirements related to security or privacy. It is intended to be used in conjunction with appropriate NIEF profiles for security and privacy controls.

Identifier

https://trustmark.nief.org/tpat/tips/nief-simple-authenticator-assurance-profile-for-access-to-leadership-protection-data/1.0/

Publication Date

2021-08-28

Issuing Organization

NIEF (https://nief.org/) View Contact

NIEF Support

help@nief.org

No telephone

No Mailing Address

Keywords

Security, NIEF, Leadership Protection

Legal Notice

This artifact is published by the National Identity Exchange Federation (NIEF). This artifact and the information contained herein is provided on an "AS IS" basis, and NIEF disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, NIEF disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NIEFSimpleAuthenticatorAssuranceProfileforDataCategorieswithMODERATERiskImpact

References (1)

TIP NIEF Simple Authenticator Assurance Profile for Data Categories with MODERATE Risk Impact, v1.0
Description	NIEF authenticator assurance profile for access to categories of data whose highest risk impact level (among confidentiality risk, integrity risk, and availability risk) is LOW. Derived from NIST Special Publication 800-63B Authenticator Assurance Level 2 (AAL2) requirements, excluding security controls and privacy controls. Intended for use in conjunction with appropriate NIEF profiles for security and privacy controls.
ID	TIP_NIEFSimpleAuthenticatorAssuranceProfileforDataCategorieswithMODERATERiskImpact

Sources (4)

NIEF	National Identity Exchange Federation
NIST SP 800-63B	NIST Special Publication 800-63B, Digital Identity Guidelines: Authentication and Lifecycle Management. June 2017. Available at https://doi.org/10.6028/NIST.SP.800-63b.
SP800-60V1R1	NIST Special Publication 800-60 Volume I, Revision 1, Guide for Mapping Types of Information and Information Systems to Security Categories, National Institute of Standards and Technology, August 2008. Available at https://doi.org/10.6028/NIST.SP.800-60v1r1.
SP800-60V2R1	NIST Special Publication 800-60 Volume II, Revision 1, Appendices to Guide for Mapping Types of Information and Information Systems to Security Categories, National Institute of Standards and Technology, August 2008. Available at https://doi.org/10.6028/NIST.SP.800-60v2r1.

Also available as XML or JSON