NIEF Simple Identity Assurance Profile for Data Categories with HIGH Risk Impact, v1.0

NIEF identity assurance profile for access to categories of data whose highest risk impact level (among confidentiality risk, integrity risk, and availability risk) is HIGH. Derived from NIST Special Publication 800-63A Identity Assurance Level 3 (IAL3) requirements, excluding security controls and privacy controls. Intended for use in conjunction with appropriate NIEF profiles for security and privacy controls.
Identifier https://trustmark.nief.org/tpat/tips/nief-simple-identity-assurance-profile-for-data-categories-with-high-risk-impact/1.0/
Publication Date 2021-08-28
Issuing Organization
NIEF Support help@nief.org No telephone No Mailing Address
Keywords NIEF, Identity Assurance, IAL3, HIGH
Legal Notice This artifact is published by the National Identity Exchange Federation (NIEF). This artifact and the information contained herein is provided on an "AS IS" basis, and NIEF disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, NIEF disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TIP_ref5 and TD_ref1 and TD_ref2 and TD_ref3 and TIP_ref6 and TIP_ref7 and TD_ref4

References (7)

 TIP  NIST SP 800-63A IAL2/IAL3 General Requirements, v1.0
Description Profile of general identity assurance requirements that a Credential Service Provider (CSP) must satisfy to comply with NIST Special Publication 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing Requirements, at Identity Assurance Level 2 (IAL2) or Identity Assurance Level 3 (IAL3).
ID TIP_ref5
 TIP  NIST SP 800-63A IAL3 Requirements for Presence, v1.0
Description Profile of requirements related to the presence of an applicant that a Credential Service Provider (CSP) must satisfy to comply with NIST Special Publication 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing Requirements, at Identity Assurance Level 3 (IAL3).
ID TIP_ref6
 TIP  NIST SP 800-63A IAL3 Requirements for Address Confirmation, v1.0
Description Profile of requirements related to address confirmation that a Credential Service Provider (CSP) must satisfy to comply with NIST Special Publication 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing Requirements, at Identity Assurance Level 3 (IAL3).
ID TIP_ref7
 TD  ID Proofing - Identity Evidence Collection with High Assurance, v1.0
Description Credential Service Providers must collect evidence of the applicant's identity prior to credential issuance. This evidence must meet guidance specified for high assurance.
ID TD_ref1
Provider Reference
 TD  ID Proofing - Identity Evidence Validation, v1.0
Description Credential Service Providers must validate evidence presented by an applicant as part of the credential issuance process. The validation methods must meet guidance specified within NIST 800-63-3.
ID TD_ref2
Provider Reference
 TD  ID Proofing - Identity Evidence Verification with High Assurance, v1.0
Description Credential Service Providers engaging in high assurance identity proofing must verify the identity evidence presented during credential issuance in-person.
ID TD_ref3
Provider Reference
 TD  ID Proofing - Collection and Recording of Biometric Sample from Applicant, v1.0
Description Credential Service Providers must collect a biometric sample (e.g. finger print, facial image) at the time of identity proofing for the purposes of non-repudiation and re-proofing.
ID TD_ref4
Provider Reference

Sources (2)

NIEF National Identity Exchange Federation
NIST SP 800-63A NIST Special Publication 800-63A, Digital Identity Guidelines: Enrollment and Identity Proofing Requirements. June 2017. Available at https://doi.org/10.6028/NIST.SP.800-63a.
Also available as XML or JSON