Electronic Authentication Assurance Level Code

See all versions of Attribute: Electronic Authentication Assurance Level Code Active / In Use

Full Formal Attribute Name

gfipm:2.1:user:ElectronicAuthenticationAssuranceLevelCode

Abbreviated Formal Attribute Name

ElectronicAuthenticationAssuranceLevelCode

Definition

The maximum NIST electronic authentication assurance level that can be satisfied by the electronic identity on which this assertion is based.

Data Type

Version Number

2.1

Usage Information

This attribute is a four-level code, ranging from level 1 through level 4, in which each level corresponds to an authentication mechanism assurance level defined in NIST Special Publication 800-63-1, "Electronic Authentication Guideline", published in December 2011.

If there is a SAML authentication context associated with the SAML assertion containing this attribute, then the NIST level conveyed by this element MUST be consistent with the type of authentication conveyed by the SAML authentication context.

Example Content

"NISTLEVEL1", "NISTLEVEL2", "NISTLEVEL3", "NISTLEVEL4"

NIEM Xpath

N/A

NIEM Definition

N/A

Source

GFIPM Demo Project Participants (CISA, JNET, and RISS)

Misc. Notes

For more information about the specific authentication mechanism requirements at each NIST level of assurance, please see Sections 6.3.1, 7.3.1, and 8.3.2 of NIST Special Publication 800-63-1. Also, please note that the definition of this attribute specifically excludes NIST requirements in Section 9.3.2, which pertain to the use of assertions.

Aliases