Term:Assurance Level

From FISMApedia
Jump to: navigation, search

DoDI 8520.02

Assurance Level - The level of assurance associated with a certificate is an assertion by a Certificate Authority of the degree of confidence that others may reasonably place in the binding of a public key to the identity and privileges asserted in the certificate. Personnel, physical, procedural, and technical security controls contribute to the assurance level of the certificates issued by a certificate management system. Assurance levels are defined in reference (j). E2.1.1.

NIST SP 800-116

Assurance Level (or E-Authentication Assurance Level)- A measure of trust or confidence in an authentication mechanism defined in OMB Memorandum M-04-04 and NIST Special Publication ( SP) 800-63, in terms of four levels:

  • Level 1: LITTLE OR NO confidence
  • Level 2: SOME confidence
  • Level 3: HIGH confidence
  • Level 4: VERY HIGH confidence [M-04-04]