PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions.

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

3rd: 3rd Party Risk

Ex1: Verify a person's claimed identity at enrollment time using government-issued identity credentials (e.g., passport, visa, driver's license)

Ex2: Issue a different credential for each person (i.e., no credential sharing)