Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Home

NCI Security and Compliance Information

Error rendering macro 'rw-search'

null

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

Each EAL allows one or more token types. More details on the different tokens as well as various methods for proving identity are discussed in in NIST 800-63.

Token Type	Level 1	Level 2	Level 3	Level 4
Hard Crypto Token	X	X	X	X
One-time password device	X	X	X


Soft Crypto Token	X	X	X


Passwords and PINs	X	X

It is important to note that the E-Authentication guidance does not apply to authorization. Authorization focuses on the actions permitted of an identity after authentication has taken place. Decisions concerning authorization are and should remain the purview of the business process owner.

...

e-Authentication resources

Blank eRA form
Sample Completed eRA Form
NIST 800-63 Electronic Authentication Guidance

Accessibility | Contact CBIIT | FOIA | HHS Vulnerability Disclosure | Comment Policy
U.S. Department of Health and Human Services | National Institutes of Health | National Cancer Institute | USA.gov
NIH ... Turning Discovery Into Health®

Powered by Atlassian Confluence, themed by RefinedTheme