Overview

NIST.IR 7817 is a NIST Internal/Interagency Report (NISTIR) covering "A Credential Reliability and Revocation Model for Federated Identities".
NIST.IR 7817 points out: Evidence of malicious activity at the service provider is not generally shared with the identity provider. This situation is unfortunate, as the service provider is at the forefront of attacks. It has all audit trails and knowledge of suspicious or malicious account activities ... Service provider feedback is especially useful and indicative in the federation since the feedback is likely reported by several service providers in the federation, thus providing strong evidence of credential compromise.
Uniform Reliability and Revocation Service (URRS)

NIST.IR 7817 suggests a Uniform Reliability and Revocation Service (URRS), further stating: The URRS is the central information collection and distribution point of credential status information and its reliability. The role of the URRS is to:
- Maintain credential status (ACTIVE, SUSPENDED, REVOKED).
- Communicate credential status and reliability scores to service providers in order for the service provider to make a risk-based decision to accept or decline the proposed credential for authentication.
- Maintain reliability score for each ACTIVE credential and
- Lower the reliability score in cases where the pre-established reliability threshold has not been reached. The credential status in this case remains ACTIVE.
- Update the credential status to SUSPENDED in cases where the pre-established reliability threshold has been reached or as requested by the user.
- Update the credential status to REVOKED as requested by the identity provider.
- Communicate feedback from the service provider to the identity provider and the user, including the resulting actions (credential status and/or reliability score update).
- Accept immediate SUSPENSION requests from the user for credentials that have not reached the pre-established reliability threshold.
- Accept immediate REVOCATION requests from the identity provider for credentials that have not reached the pre-established reliability threshold.
These updates are communicated to the identity provider and the user. The URRS automatically suspends the credential if feedback causes the score to fall below the reliability score threshold. The threshold value is established and agreed upon by the identity providers and service providers when the URRS is set up.
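The URRS roles listed above describe a small state machine: one reliability score per ACTIVE credential, lowered by service provider feedback, automatic suspension when the score falls below the federation-wide threshold, immediate user-requested suspension, and identity-provider-only revocation, with every change notified back to the identity provider and the user. The following Python model is an added example, not code from NIST.IR 7817 or from any URRS implementation. The class and method names, the score scale (100 down to 0), the penalty values, the notification format and the `sp_accepts` helper on the service provider side are all assumptions made for illustration; the sample credential and provider names are constructed.

```python
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum


class Status(Enum):
    ACTIVE = "ACTIVE"
    SUSPENDED = "SUSPENDED"
    REVOKED = "REVOKED"


@dataclass
class Credential:
    credential_id: str
    identity_provider: str
    score: float
    status: Status = Status.ACTIVE
    # (service_provider, penalty) pairs; kept so a notification can report how many
    # distinct service providers have flagged this credential (the "strong evidence" point)
    feedback: list = field(default_factory=list)


class URRS:
    """Hypothetical in-memory model of the central status/reliability store."""

    def __init__(self, threshold: float, initial_score: float = 100.0):
        # The threshold is agreed by identity and service providers at setup time (assumed scale 0-100).
        self.threshold = threshold
        self.initial_score = initial_score
        self.credentials: dict[str, Credential] = {}
        # Outbound notifications to the identity provider and the user (constructed, in-memory).
        self.notifications: list[dict] = []

    def register(self, credential_id: str, identity_provider: str) -> Credential:
        cred = Credential(credential_id, identity_provider, self.initial_score)
        self.credentials[credential_id] = cred
        return cred

    def _notify(self, cred: Credential, event: str, source: str) -> dict:
        # Every status or score change is reported to the IdP and the user.
        note = {
            "to": [cred.identity_provider, f"user-of:{cred.credential_id}"],
            "credential": cred.credential_id,
            "event": event,
            "source": source,
            "status": cred.status.value,
            "score": cred.score,
            "distinct_reporters": len({sp for sp, _ in cred.feedback}),
        }
        self.notifications.append(note)
        return note

    def report_feedback(self, credential_id: str, service_provider: str, penalty: float) -> dict:
        """A service provider reports suspicious activity: lower the score and
        suspend automatically once it falls below the threshold."""
        cred = self.credentials[credential_id]
        if cred.status is Status.REVOKED:
            # Revocation is terminal; feedback is recorded as a notification only.
            return self._notify(cred, "feedback-ignored-revoked", service_provider)
        cred.feedback.append((service_provider, penalty))
        cred.score = max(0.0, cred.score - penalty)
        if cred.status is Status.ACTIVE and cred.score < self.threshold:
            cred.status = Status.SUSPENDED
            return self._notify(cred, "auto-suspended", service_provider)
        return self._notify(cred, "score-lowered", service_provider)

    def request_suspension(self, credential_id: str, user: str) -> dict:
        """User-requested immediate suspension; no threshold condition applies."""
        cred = self.credentials[credential_id]
        if cred.status is Status.ACTIVE:
            cred.status = Status.SUSPENDED
        return self._notify(cred, "user-suspended", user)

    def request_revocation(self, credential_id: str, identity_provider: str) -> dict:
        """Only the issuing identity provider may revoke."""
        cred = self.credentials[credential_id]
        if identity_provider != cred.identity_provider:
            raise PermissionError("only the issuing identity provider may revoke")
        cred.status = Status.REVOKED
        return self._notify(cred, "revoked", identity_provider)

    def status_for_sp(self, credential_id: str) -> tuple[str, float]:
        """What the URRS hands a service provider at authentication time."""
        cred = self.credentials[credential_id]
        return cred.status.value, cred.score


def sp_accepts(status: str, score: float, sp_min_score: float) -> bool:
    """Service provider side: risk-based accept/decline using URRS data. A service
    provider may demand a stricter score than the federation-wide threshold."""
    return status == "ACTIVE" and score >= sp_min_score


if __name__ == "__main__":
    urrs = URRS(threshold=60.0)
    urrs.register("cred-123", "idp.example")
    print(urrs.report_feedback("cred-123", "sp-a.example", 25))  # score 75, still ACTIVE
    print(urrs.report_feedback("cred-123", "sp-b.example", 25))  # score 50 < 60 -> auto-suspended
    print(sp_accepts(*urrs.status_for_sp("cred-123"), sp_min_score=80))
```

Two details of the model are worth noting. The auto-suspension check only fires while the credential is ACTIVE, so a user-suspended credential is not re-announced as "auto-suspended" by later feedback, and the service provider's own minimum score is separate from the URRS threshold, which is what lets each service provider make its own risk-based decision on the same federation-wide data.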