Authenticator Assurance Levels

Overview#

Authenticator Assurance Levels (AAL also seen as Authentication Assurance Levels) is intended to provide some confidence in the Authentication provided by Identity Provider (IDP) to a Relying Party at some desired Level Of AssuranceAuthenticator Assurance Levels is a factor within Risk Assessment

NIST.SP.800-63B#

Authenticator Assurance Levels is discussed in NIST.SP.800-63B and
LEVELDescription
AAL1Provides some assurance that the claimant controls the Claim
requires at least single-factor authentication.
AAL2Provides high confidence that the claimant controls Claim
two different Authentication Factors (Multi-Factor Authentication) are required
approved cryptographic techniques are required.
AAL3Provides very high confidence that the claimant controls the Claim
authentication based on Proof-of-Possession of a key through a cryptographic protocol
requires a “hardcryptographic authenticator.

More Information#

There might be more information for this subject on one of the following:
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!