Identity Assurance Framework

 

Document Status Notice

The Kantara Identity Assurance Framework is a set of controlling documentation.
Documents may evolve independently.
The set may contain varying version numbers in the document set.
The current approved version of each document is always listed here.

Service Provider Approval (CSP Full or Component Service)

First, please read Kantara Classes of Approval and High Level View of the Kantara Service Provider Approval Process

Applicants should be fully familiar with, inter alia, Kantara’s: Service Approval Handbook; Service Assessment Criteria, available below. 

Process Documents

Title
KIAF 1340
 1 file(s)
It defines the obligations upon Applicant and Approval-holding CSPs, the ARB and its Secretariat, and Accredited Assessors, with regard to the Approval assessment and application processes. Effective from: 2018-05-01, after which date any parts of the KIAF-1300 (AAS) and KIAF -1800 (RAA) which address the scope now covered by the SAH, shall be withdrawn and no longer accepted by the ARB. NOTE: See KIAF 1340 version 2 in the Service Provider Approval Process Documents above IAF Archive, Process Documents 1.0 Download

    Available Service Assessment Criteria for Identity & Credential Management Systems

    Service Assessment Criteria Sets

    Title
    KIAF 1440 NIST SP 800-63B (PDF)
     1 file(s)
    Please fill out the following to receive the KIAF 1430 NIST SP 800-63A Service Assessment Criteria [contact-form-7 id="7505" title="IAF Downloads"]
    Title: Identity Assurance Framework: NIST SP 800-63B Service Assessment CriteriaVersion: 3.0 Date: 2018-11-09 Editor: R.G. Wilsher Status: Final Recommendation Abstract: This document sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63B as published 2017-12-01 (with errata) at AAL2, to be generally referred-to as the '63B_SAC'. It is anticipated that these criteria will be reviewed 12 months after publication, for any required re-expression, revision, etc. Note: This document is available for Members Only. Filename: KIAF-1440 SP 800-63B Service Assessment Criteria v3.0.pdf
    Service Assessment Criteria Sets 1.0 Download
    KIAF 1430 NIST SP 800-63A(PDF)
     1 file(s)
    Please fill out the following to receive the KIAF 1430 NIST SP 800-63A Service Assessment Criteria [contact-form-7 id="7505" title="IAF Downloads"] Title: Identity Assurance Framework: NIST SP 800-63A Service Assessment CriteriaVersion: 3.1 Date: 2019-01-31 Editor: R.G. Wilsher Status: Final Recommendation Abstract: This Specification sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63A as published 2017-12-01 (with errata) at IAL2, to be generally referred-to as the '63A_SAC'. It is anticipated that these criteria will be reviewed 12 months after publication, for any required re-expression. Note: This document is available for Members Only. Filename: "KIAF-1430 SP 800-63A Service Assessment Criteria v3.1.0pdf" Service Assessment Criteria Sets 1.0 Download
    KIAF-1410 CO_SAC
     1 file(s)
    This document describes the Service Assessment Criteria which are to be applied to all assessed credential services, irrespective of their standards basis or applicable assurance levels. Service Assessment Criteria Sets 2.0 Download
    KIAF-1420 OP_SAC
     1 file(s)
    This document describes the Service Assessment Criteria which are to be applied to ‘Classical’ service operations (i.e. those broadly based on NIST SP 800-63 rev.2 requirements). Service Assessment Criteria Sets 1.0 Download
    KIAF 1440 NIST SP 800-63B (Excel Sheet)
     1 file(s)
    Please fill out the following to receive the KIAF 1430 NIST SP 800-63A Service Assessment Criteria [contact-form-7 id="7505" title="IAF Downloads"]
    Title: Identity Assurance Framework: NIST SP 800-63B Service Assessment CriteriaVersion: 3.0 Date: 2018-11-09 Editor: R.G. Wilsher Status: Final Recommendation Abstract: This document sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63B as published 2017-12-01 (with errata) at AAL2, to be generally referred-to as the '63B_SAC'. It is anticipated that these criteria will be reviewed 12 months after publication, for any required re-expression, revision, etc. Note: This document is available for Members Only. Filename: KIAF-1440 SP 800-63B Service Assessment Criteria v3.0.xlsx
    Service Assessment Criteria Sets Download
    KIAF-1430 SP 800-63A Service Assessment Criteria v3.1.0.xlsx
     1 file(s)
    Please fill out the following to receive the KIAF 1430 NIST SP 800-63A Service Assessment Criteria [contact-form-7 id="7505" title="IAF Downloads"]
    Title: Identity Assurance Framework: NIST SP 800-63A Service Assessment CriteriaVersion: 3.1 Date: 2019-01-31 Editor: R.G. Wilsher Status: Final Recommendation Abstract: This Specification sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63A as published 2017-12-01 (with errata) at IAL2, to be generally referred-to as the '63A_SAC'. It is anticipated that these criteria will be reviewed 12 months after publication, for any required re-expression. Note: This document is available for Members Only. Filename: "KIAF-1430 SP 800-63A Service Assessment Criteria v3.1.0.xlsx"
    Service Assessment Criteria Sets Download

      For More Information, please see: https://kantarainitiative.org/trustoperations/classes-of-approval/

      Supporting Templates for Service Provider Approval 

       

      Assessor Accreditation 

      Requirements and Process Documents

      Title
      KIAF-1610
       1 file(s)
      This is the first publication of this document under its given identity and title. However, it is effectively a re-write of IAF-1600 “Assessor Qualifications and Requirements”. Assessor Accreditation 1.0 Download
      KIAF 1350
       1 file(s)
      This document sets out normative Kantara requirements and is required reading for all ARB Members, applicant Service Providers and Kantara Accredited Assessors. It will also be of interest to those wishing to gain a detailed knowledge of how the Kantara Initiative’s Identity Assurance Framework handles the receipt and processing of applications for Assessor Accreditation. Assessor Accreditation Download

        Supporting Templates for Assessor Accreditation

         

        Contact

        secretariat@kantarainitiative.org

         

        IAF Archive 

        Title
        KIAF 1800
         1 file(s)
        Explicits the normative of the Kantara Initiative requirements. NOTE: Replaced/withdrawn by KIAF 1610, KIAF 1340 and KIAF 1350. See Assessor Accreditation and Service Provider Approval Process Documents above IAF Archive 2.0 Download
        KIAF 1600
         1 file(s)
        The qualifications and requirements that ARB uses to determine Assessors Accreditation. The sole substantive change in this revision is the replacement of previous criteria AD.1 and AD.2 with a single criterion, AD.3. In addition, some editorial changes have been made to ensure understanding or to avoid ambiguity. NOTE: Replaced/withdrawn by KIAF 1610 - See Assessor Accreditation Process Documents above IAF Archive 3.0 Download
        KIAF 1300
         1 file(s)
        Explains how the Assurance Program operates. NOTE: Replaced/withdrawn by KIAF 1610, KIAF 1340 and KIAF 1350. See Assessor Accreditation and Service Provider Approval Process Documents above IAF Archive 5.0 Download
        KIAF 1200
         1 file(s)
        The Kantara Initiative Identity Assurance Work Group (IAWG) was formed to foster adoption of identity trust services. The primary deliverable of the IAWG is the Identity Assurance Framework (IAF), which is comprised of many different documents that detail the levels of assurance and the certification program that bring the Framework to the marketplace. The IAF is comprised of a set of documents that includes an Overview publication, the IAF Glossary, a summary Assurance Levels document, and an Assurance Assessment Scheme (AAS), which encompasses the associated assessment and certification program, as well as several subordinate documents, among them the Service Assessment Criteria (SAC), which establishes baseline criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. This document overviews the four Levels of Assurance, on which the IAF is based, as posited by the U.S. Federal Government and described in OMB M-04-04 [M-04-04] and NIST Special Publication 800-63 [NIST800-63]. These are further described in this document. IAF Archive 2.0 Download
        KIAF 1100
         1 file(s)
        The Kantara Initiative Identity Assurance Work Group (IAWG) was formed to foster adoption of identity trust services. The primary deliverable of the IAWG is the Identity Assurance Framework (IAF), which is comprised of many different documents that detail the levels of assurance and the certification program that bring the Framework to the marketplace. The IAF is comprised of a set of documents that includes an Overview publication, the IAF Glossary, a summary Assurance Levels document, and an Assurance Assessment Scheme (AAS), which encompasses the associated assessment and certification program, as well as several subordinate documents, among them the Service Assessment Criteria (SAC), which establishes baseline criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. This document provides a Glossary of terms used throughout these documents. IAF Archive 2.0 Download
        KIAF 1000
         1 file(s)
        Introduction to the Kantara Initiative Identity Assurance Framework. NOTE: A new document, the IAF 1050- Glossary and Overview will be released soon. IAF Archive 2.0 Download
        KIAF 1340
         1 file(s)
        It defines the obligations upon Applicant and Approval-holding CSPs, the ARB and its Secretariat, and Accredited Assessors, with regard to the Approval assessment and application processes. Effective from: 2018-05-01, after which date any parts of the KIAF-1300 (AAS) and KIAF -1800 (RAA) which address the scope now covered by the SAH, shall be withdrawn and no longer accepted by the ARB. NOTE: See KIAF 1340 version 2 in the Service Provider Approval Process Documents above IAF Archive, Process Documents 1.0 Download

           

          Other Archive

          Kantara Mapping Reports

          Title
          IAF 5463
           1 file(s)
          It provides a mapping between the IAF - 1400 SAC and NIST 800-63-2 Kantara Mapping Reports 2.0 Download
          IAF 5415
           1 file(s)
          It provides a mapping between the IAF -1400 SAC and ISO/IEC 29115 (ITU-T X.1254) Kantara Mapping Reports 1.0 Download

            Kantara Reports

            Title
            IAF 1401
             1 file(s)
            Spreadsheet version of the IAF-1400 Service Assessment Criteria v4.0. It is non-normative and should be considered guidance for users of the IAF. Reports 1.0 Download