fido and strong authentication in us federal government
TRANSCRIPT
![Page 1: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/1.jpg)
All Rights Reserved. FIDO Alliance. Copyright 2016.
#FIDOseminar
FIDO & STRONG AUTHENTICATION IN US FEDERAL GOVERNMENT
Paul Grassi, Senior Standards and Technology Advisor, NIST
![Page 2: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/2.jpg)
Strong Authentication and US Digital Services
![Page 3: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/3.jpg)
–Dr. Andy Ozment
“…encryption would not have helped…”
![Page 4: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/4.jpg)
Privacy Enhancing & Voluntary
Secure & Resilient
Interoperable
Cost-Effective & Easy to Use
![Page 5: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/5.jpg)
USG Use Cases
?M-05-24
![Page 6: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/6.jpg)
![Page 7: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/7.jpg)
relevant efforts @ NIST
![Page 9: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/9.jpg)
![Page 10: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/10.jpg)
Authenticator Assurance Level 3(formerly known as LOA4)
AAL 3 is intended to provide the highest practical remote network authentication assurance. Authentication at AAL 3 is
based on proof of possession of a key in a physical authenticator through a cryptographic protocol. AAL 3 is similar to AAL 2 except that only hardware cryptographic
authenticators (in conjunction with a memorized secret for single-factor cryptographic devices) and multi-factor OTP
devices are allowed. The authenticator SHALL be a hardware cryptographic module validated at Federal Information
Processing Standard (FIPS) 140 Level 2 or higher overall (Level 1 for single-factor authenticators) with at least FIPS
140 Level 3 physical security.
![Page 11: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/11.jpg)
always supported
![Page 12: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/12.jpg)
newly supported
![Page 13: FIDO and Strong Authentication in US Federal Government](https://reader036.vdocuments.us/reader036/viewer/2022062904/58763c901a28ab68098b732b/html5/thumbnails/13.jpg)