NIST digital identity guidelines

E85045

U.S. government guideline cybersecurity guideline digital identity standard

NIST digital identity guidelines are a set of U.S. government standards that define best practices and assurance levels for secure, privacy-conscious digital identity proofing, authentication, and lifecycle management.

Aliases (6)

NIST SP 800-63 ×1
NIST SP 800-63 Digital Identity Guidelines ×1
NIST SP 800-63-3 ×1
NIST SP 800-63B ×1
SP 800-63B: Authentication and Lifecycle Management ×1
SP 800-63C: Federation and Assertions ×1

Statements (49)

Predicate	Object
instanceOf	U.S. government guideline → cybersecurity guideline → digital identity standard →
abbreviation	NIST SP 800-63 Digital Identity Guidelines →
addresses	binding of authenticators to subscribers → credential lifecycle management → federated assertions → identity fraud mitigation → remote identity proofing → revocation of authenticators → session management →
appliesTo	federal agencies → federal information systems →
countryOfOrigin	United States →
definesConcept	Authenticator Assurance Level → Federation Assurance Level → Identity Assurance Level →
emphasizes	privacy → security → usability →
focusesOn	authentication → digital identity proofing → federation → lifecycle management of digital identities →
includesDocument	NIST SP 800-63 → NIST SP 800-63-3 → NIST SP 800-63A → NIST SP 800-63B → NIST SP 800-63C →
includesSection	SP 800-63A: Enrollment and Identity Proofing → SP 800-63B: Authentication and Lifecycle Management → SP 800-63C: Federation and Assertions →
intendedFor	federal policy makers → security architects → system designers →
language	English →
partOf	NIST Special Publication 800 series →
publishedBy	National Institute of Standards and Technology →
recommends	minimization of personal data collection → multi-factor authentication → phishing-resistant authenticators → separation of duties between identity proofing and authorization →
relatedTo	OMB identity policy → federal zero trust strategies →
supportsApproach	federated identity management → privacy by design → risk management →
usedFor	design of digital identity systems → risk-based authentication →

Referenced by (8)

Subject (surface form when different)	Predicate
NIST digital identity guidelines ("NIST SP 800-63") → NIST digital identity guidelines ("NIST SP 800-63-3") → NIST digital identity guidelines ("NIST SP 800-63B") →	includesDocument
NIST digital identity guidelines ("SP 800-63B: Authentication and Lifecycle Management") → NIST digital identity guidelines ("SP 800-63C: Federation and Assertions") →	includesSection
NIST digital identity guidelines ("NIST SP 800-63 Digital Identity Guidelines") →	abbreviation
Login.gov program →	compliesWith
ID.me →	compliesWithStandard