NIEF TPAT | TIP: NIEF Simple Identity Assurance Profile for Access to Emergency Response Data

NIEF Simple Identity Assurance Profile for Access to Emergency Response Data, v1.0

Profile of identity assurance requirements from NIST Special Publication 800-63A for systems that handle the Emergency Response information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.4.4. Emergency Response involves the immediate actions taken to respond to a disaster (e.g., wildfire management). These actions include providing mobile telecommunications, operational support, power generation, search and rescue, and medical life saving actions. Impacts to emergency response information and the information systems that process and store emergency response information could result in negative impacts on cross-jurisdictional coordination within the critical emergency services infrastructure and the general effectiveness of organizations tasked with emergency response missions. Systems that handle Emergency Response information should operate at an impact level of LOW confidentiality, HIGH integrity, and HIGH availability, as recommended by NIST. NOTE: This "simple" profile does NOT contain NIST 800-63A identity assurance requirements related to security or privacy. It is intended to be used in conjunction with appropriate NIEF profiles for security and privacy controls.

Identifier

https://trustmark.nief.org/tpat/tips/nief-simple-identity-assurance-profile-for-access-to-emergency-response-data/1.0/

Publication Date

2021-08-28

Issuing Organization

NIEF (https://nief.org/) View Contact

NIEF Support

help@nief.org

No telephone

No Mailing Address

Keywords

Security, NIEF, Emergency Response

Legal Notice

This artifact is published by the National Identity Exchange Federation (NIEF). This artifact and the information contained herein is provided on an "AS IS" basis, and NIEF disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, NIEF disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NIEFSimpleIdentityAssuranceProfileforDataCategorieswithHIGHRiskImpact

References (1)

TIP NIEF Simple Identity Assurance Profile for Data Categories with HIGH Risk Impact, v1.0
Description	NIEF identity assurance profile for access to categories of data whose highest risk impact level (among confidentiality risk, integrity risk, and availability risk) is HIGH. Derived from NIST Special Publication 800-63A Identity Assurance Level 3 (IAL3) requirements, excluding security controls and privacy controls. Intended for use in conjunction with appropriate NIEF profiles for security and privacy controls.
ID	TIP_NIEFSimpleIdentityAssuranceProfileforDataCategorieswithHIGHRiskImpact

Sources (4)

NIEF	National Identity Exchange Federation
NIST SP 800-63A	NIST Special Publication 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing Requirements. June 2017. Available at https://doi.org/10.6028/NIST.SP.800-63a.
SP800-60V1R1	NIST Special Publication 800-60 Volume I, Revision 1, Guide for Mapping Types of Information and Information Systems to Security Categories, National Institute of Standards and Technology, August 2008. Available at https://doi.org/10.6028/NIST.SP.800-60v1r1.
SP800-60V2R1	NIST Special Publication 800-60 Volume II, Revision 1, Appendices to Guide for Mapping Types of Information and Information Systems to Security Categories, National Institute of Standards and Technology, August 2008. Available at https://doi.org/10.6028/NIST.SP.800-60v2r1.

Also available as XML or JSON