AS 4860-2007
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
Knowledge-based identity authentication - Recognizing Known Customers
Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users
06-06-2019
English
12-07-2007
Important note : Users cannot be edited or removed once added to your Multi user PDF.This Standard specifies requirements for using pre-existing, authenticated knowledge about a person’s identity held by one organization to streamline provisioning of electronic access to services and facilities by other organizations.
| Committee |
IT-012
|
| DocumentType |
Standard
|
| ISBN |
0 7337 8284 1
|
| Pages |
25
|
| ProductNote |
Withdrawn 06-06-2019.
|
| PublisherName |
Standards Australia
|
| Status |
Withdrawn
|
| Supersedes |
This Standard specifies requirements for using pre-existing, authenticated knowledge about a person’s identity held by one organization to streamline provisioning of electronic access to services and facilities by other organizations. These requirements relate to the access control lifecycle model specified in Appendix A.This Standard provides an alternative to repeating identity authentication checks requiring authentication of Evidence of Identity when applying for access to electronic services where it is possible to rely on authentication of Evidence of Identity performed at an earlier time.The following are excluded from the scope of this Standard.(a) System-to-system access where a person is not associated with each instance of electronic access.(b) Determination of those identity attributes that are necessary to identify a Customer.(c) Syntax for identity attributes.(d) Telecommunications protocols for interactions between Customers, Known Customer Organizations, and other Relying Parties.(e) Requirements for Evidence of Identity and authentication of Evidence of Identity.(f) Criteria concerning whether or not a relationship history is satisfactory.(g) The choice of type of identity authentication credential.(h) Requirements for management of identity authentication credentials (including issue, re-issue, change).(i) Criteria for a Relying Party to decide whether or not identity information held by a Known Customer Organization and identity authentication credentials assigned by a Known Customer Organization meet their needs.(j) Operations in Relying Parties concerning a Customer’s access that take place after completion of access provisioning.(k) Other services that Known Customer Organizations may provide to Relying Parties.(l) Requirements for certification of compliance with the requirements of this Standard.(m) Requirements for accreditation of Known Customer Organizations to provide the services specified in this standard.(n) Procedures to be followed to report fraud or suspected fraud.
First published as AS 4860-2007.
| AS 4590-2006 | Interchange of client information |
| AS/NZS ISO/IEC 27001:2006 | Information technology - Security techniques - Information security management systems - Requirements |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.