With a wide range of identity assurance frameworks to choose from, the most appropriate choice of assurance profile for a use case (one that meets both the risk assessment and the social and community context in which the assurance is needed) may be viewed as confusing. The choice of Cappuccino or Espresso from the REFEDS Assurance Framework, Assam from the AARC social media assurance, Birch and Dogwood from the Interoperable Global Trust Federation, Silver and Bronze from InCommon, and Levels 1 through 4 from both Kantara and NIST SP800-63 – all of these merit a policy mapping and comparison framework. In this whitepaper, we identify the implicit trust assumptions (in research and collaboration frameworks, the R&E identity federations, general private sector frameworks and e-government schemes) and present a way of comparing these frameworks.
Document URL: https://wiki.geant.org/download/attachments/123766068/AARC-I050-ComparisonGuidetoAssuranceMapping.pdf
Development information: AARC Project Wiki