The National Institute of Standards and Technology released a newly revised publication that expands the options for government agencies to verify the identity of users who use their web-based services.
The publication, Electronic Authentication Guideline, is a revision and update of the original document released in 2006 and provides an update in regards to the technologies that have changed in that timeframe.
“Changes made to the document reflect changes in the state of the art,” said NIST Cryptographic Technology Group Manager Tim Polk. “There are new techniques and tools available to government agencies, and this provides them more flexibility in choosing the best authentication methods for their individual needs, without sacrificing security.”
The revision broadens the discussion of technologies available to agencies and gives a more detailed discussion of these technologies. The guideline applies whether agencies choose to handle authentication directly or leverage services provided by other parties, including commercial companies, according to NIST.