Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8732

Number 9-8-8732
Priority Important
Description General: Service Providers should classify identity management services against the service architecture and deployment model being utilized to determine the general “security” posture of the identity services, how it relates to asset’s assurance and security protection requirements, and define the needed security architecture to mitigate security risks.
Specifically, if identity related functions are distributed among multiple parties, all parties involved should be clearly identified (e.g., relying parties such as users and service providers, credential providers, verifier or authentication providers, or federation members) with clearly defined roles, responsibilities, and accountability for the security of the identity service and all associated assets.
Network Type(s) Cable; Internet/Data; Satellite; Wireless; Wireline
Industry Role(s) Service Provider
Keyword(s) Cyber Security;Information Protection;Intrusion Detection;
Reference/Comments ITU-T X.1250, Baseline capabilities for enhanced global identity management and interoperability
NIST SP 800-63, Electronic Authentication Guideline