Overview#
Authenticator Assurance Levels (AAL also seen as Authentication Assurance Levels) is intended to provide some confidence in the Authentication provided by Identity Provider (IDP) to a Relying Party at some desired Level Of AssuranceAuthenticator Assurance Levels is a factor within Risk Assessment
NIST.SP.800-63B#
Authenticator Assurance Levels is discussed in NIST.SP.800-63B andLEVEL | Description |
---|---|
AAL1 | Provides some assurance that the claimant controls the Claim requires at least single-factor authentication. |
AAL2 | Provides high confidence that the claimant controls Claim two different Authentication Factors (Multi-Factor Authentication) are required approved cryptographic techniques are required. |
AAL3 | Provides very high confidence that the claimant controls the Claim authentication based on Proof-of-Possession of a key through a cryptographic protocol requires a “hard” cryptographic authenticator. |