Description (short summary): This deliverable explores how member states classify their local authentication solutions into levels of quality, and it investigates on a common framework for expressing authentication assurance levels in STORK. The IDABC “Proposal for a multi-level authentication mechanism and a mapping of existing authentication mechanisms†is used as guideline on the definition of a tentative common multi-level authentication scheme. A preliminary mapping between the locally adopted levels and the tentative assurance levels is also proposed. In order to obtain e-ID interoperability, a broad understanding of the spectrum of existing solutions and a common way to qualify the authentication assurance levels required by the member states are needed. This qualification should be based upon the means used for identification/authentication rather than on the quality of the authenticators; thus, in the previous example, the software certificate obtained via the Internet without any physical presentation of the owner offers less assurance than the username/password combination that complies with a very high registry authority standards. Finally, this common qualification scheme must complement (and not override) the authentication assurance levels used within the member states.
Number of pages: 57
Description of license: © STORK-eID Consortium
Nature of documentation: Official reports and studies