U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology / Cybersecurity

Identity & Access Management

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author
  • Published Date
Displaying 26 - 50 of 113

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

January 14, 2020
Author(s)
Loic D. Lesavre, Priam C. Varin, Peter M. Mell, Michael S. Davidson, James Shook
Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure

Rethinking Authentication

November 11, 2019
Author(s)
Kim B. Schaffer
In today's environment, there is little doubt that companies, organizations, and governments must make significant investments in developing, implementing, and supporting authentication for their digital systems. Perhaps because of this, an organization's

Derived Personal Identity Verification (PIV) Credentials

August 27, 2019
Author(s)
William D. Newhouse
Federal Information Processing Standards (FIPS) Publication 201-2, “Personal Identity Verification (PIV) of Federal Employees and Contractors,” establishes a standard for a PIV system based on secure and reliable forms of identity credentials issued by the

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Multifactor Authentication for E-Commerce

July 30, 2019
Author(s)
William D. Newhouse
As retailers in the United States have adopted chip-and-signature and chip-and-PIN (personal identification number) point-of-sale (POS) security measures, there have been increases in fraudulent online card-not-present (CNP) electronic commerce (e-commerce

Attribute Considerations for Access Control Systems

June 18, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David Kuhn
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need to be established, issued, stored, and managed under an authority. Attributes shared across

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

February 25, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Access Control for Emerging Distributed Systems

November 1, 2018
Author(s)
Chung Tong Hu, David R. Kuhn, David F. Ferraiolo
As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of distributed systems to boost security and prevent fraud. How can these systems' capabilities be

Guidelines for the Use of PIV Credentials in Facility Access

June 29, 2018
Author(s)
Hildegard Ferraiolo, Ketan L. Mehta, Nabil Ghadiali, Jason Mohler, Vincent Johnson, Steven Brady
This recommendation provides a technical guideline to use Personal Identity Verification (PIV) Cards in facility access; enabling federal agencies to operate as government-wide interoperable enterprises. These guidelines cover the risk-based strategy to

Digital Identity Guidelines [including updates as of 12-01-2017]

December 1, 2017
Author(s)
Paul A. Grassi, James L. Fenton, Michael E. Garcia
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and

Digital Identity Guidelines: Authentication and Lifecycle Management [including updates as of 12- 01-2017]

December 1, 2017
Author(s)
Paul A. Grassi, Ray A. Perlner, Elaine M. Newton, Andrew R. Regenscheid, William E. Burr, Justin P. Richer, Naomi B. Lefkovitz, Jamie M. Danker, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of