SP 800-63B

This is a working draft of NIST Special Publication 800-63B, Authentication and Lifecycle Management. It is a sub-document referenced by SP 800-63-3 and covers the associated topics that were previously in SP 800-63-2.

SP 800-63B provides guidance on the selection, use, and management of authenticators (formerly called tokens) to authenticate a remote subscriber to an identity system at specified levels of strength.

  • An identifier that can be used to associate the subscriber with previous interactions with the same relying party

  • A metric describing the strength of the authentication process

  • Optionally, one or more attributes associated with the subscriber

This document is broken up into sections as follows:

Front matter

1. Purpose and 2. Introduction

3. Definitions and Abbreviations

4. Authenticator Assurance Levels

5. Authenticator and Verifier Requirements

6. Authenticator Lifecycle Management

7. Session Management

8. Threats and Security Considerations

9. Privacy Considerations

10. Usability Considerations

11. References

Appendix A. Strength of Memorized Secrets