Summary

This Recommendation defines four levels of entity authentication assurance (i.e., LoA 1 � LoA 4), and the criteria and threats for each of the four levels of entity authentication assurance. Additionally, it:

������������ specifies a framework for managing the assurance levels;

������������ provides guidance concerning control technologies that are to be used to mitigate authentication threats, based on a risk assessment;

������������ provides guidance for mapping the four levels of assurance to other authentication assurance schemas; and

������������ provides guidance for exchanging the results of authentication that are based on the four levels of assurance.