<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] High confidence in the asserted [Digital Identity] accuracy

[{$pagename}] requires [Multi-Factor Authentication] remote network [authentication]. At this level, [identity proofing] procedures require verification of identifying materials and information. 

[{$pagename}] [authentication] is based on [Proof-of-Possession] of a key or a [One-Time password] through a [secure connection]. 

[{$pagename}] [authentication] requires [cryptographic] strength mechanisms that protect the primary [authentication] [token] ([secret Key|Private Key], [private Key] or [one-Time password]) against compromise by the [protocol] threats including: eavesdropper, [replay|Replay attack], on-line guessing, [verifier] impersonation and [man-In-The-Middle] [attackers]. A minimum of two [Authentication Factors] is [required|MUST]. Three kinds of [tokens] may be used: “soft” cryptographic [tokens], “hard” cryptographic tokens and “one-time password” device tokens.

[Authentication] requires that the claimant prove through a secure authentication protocol that he or she controls the [token], and must first unlock the [token] with a [password] or [biometric data], or must also use a [password] in a secure authentication protocol, to establish two factor authentication. Long-term shared authentication secrets, if used, are never revealed to any party except the claimant and verifiers operated directly by the Credentials Service Provider (CSP), however session (temporary) shared secrets may be provided to independent verifiers by the CSP. Approved cryptographic techniques are used for all operations. [Assertions] issued about claimants as a result of a successful [authentication] are either cryptographically [authenticated] by [relying parties|Relying Party], or are obtained directly from a trusted party via a secure authentication protocol.

[{$pagename}] is used to access restricted [data].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
</pre>