Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Started with SURF's "Remote vetting for SURFconext Strong Authentication" flows.

The content was refactored with ITU-T X.1254/ ISO/IEC DIS 29115 recommendation "Entity authentication assurance framework" as a conceptual basis. Publicly available and influential.

The following generalised functional units (actions) serve to design and implement the vetting scenarios for second factor and multifactor authentication that fulfil some of ITU-T X.1254 entity authentication assurance framework processes. The following processes from its "8.1 Enrollment phase" are to be covered:

...

Descriptions of actions are process and flow-oriented, not data-oriented. Inputs and outputs descriptions are therefore rather informal.

...

C_USE_EXISTING_FACTOR Authenticate Using Existing Factor (Any alternative phrasing for _EXISTING?)

The applicant authenticates with his/her factor(s) already in place and function in the system. Username/password login is typically the first existing factor that is readily available.

...