Project news

Authentication Step-Up Protocol and Metadata V1.0 CS01 published by the Trust Elevation TC

OASIS is pleased to announce the approval and publication of a new Committee Specification by the members of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC:

Authentication Step-Up Protocol and Metadata Version 1.0
Committee Specification 01
15 December 2016

What is the Authentication Step-Up Protocol and why is it useful?

Electronic Identity Credential Trust Elevation Methods are used to increase assurance in entity identification using authentication events and related entity information for the purpose of risk mitigation when making access control policy decisions.

The goals of the Authentication Step-Up Protocol are:

· To propose simple Trust Elevation architectural patterns demonstrating the use of Trust Elevation in modern Access Control architectures.

· To describe a common metadata set, mechanisms and protocol elements for Trust Elevation information exchanges.

· To promote the use of Trust Elevation elements to facilitate standardization among the many technologies and approaches currently in use for credential & authentication risk mitigation.

This is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

About the TC:

The OASIS Trust Elevation TC works to define a set of standardized protocols that service providers may use to elevate the trust in an electronic identity credential presented to them for authentication. The Trust Elevation TC is intended to respond to suggestions from the public sector, including the U.S. National Strategy for Trusted Identities in Cyberspace (NSTIC). The Trust Elevation TC promotes interoperability among multiple identity providers, and among multiple identity federations and frameworks, by facilitating clear communication about common and comparable operations to present, evaluate and apply identity [data/assertions] to sets of declared authorization levels.

URIs:
The prose specifications and related files are available here:

Editable source (Authoritative):
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/cs01/trust-el-protocol-v1.0-cs01.docx

HTML:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/cs01/trust-el-protocol-v1.0-cs01.html

PDF:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/cs01/trust-el-protocol-v1.0-cs01.pdf

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/cs01/trust-el-protocol-v1.0-cs01.zip

Members of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references:

[1] OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC
https://www.oasis-open.org/committees/trust-el/

[2] Public reviews:
– 15-day public review, 17 November 2016:
https://lists.oasis-open.org/archives/members/201611/msg00005.html
– Comment resolution log:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/csprd02/trust-el-protocol-v1.0-csprd02-comment-resolution-log.txt

– 30-day public review, 22 December 2015:
https://lists.oasis-open.org/archives/members/201512/msg00008.html
– Comment resolution log:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/csprd01/trust-el-protocol-v1.0-csprd01-comment-resolution-log.xlsx

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3018