This structured discussion applies to all students in this course and must be completed by the assigned due date.
Post to the discussion forum by clicking on the “Module 5: Structured Discussion 3” link. Post your original thoughts and then respond to at least two others.
Consider how requirements are mapped to levels of assurance in the NIST Electronic Authentication Guideline SP 800-63-2. Discuss the impacts those
mappings might have on the design of compliant systems. As an example you may consider the way that the University of Wisconsin-Madison has applied
the guideline to their information systems. You may also wish to discuss provision for authentication failure. For example, an authorized user forgets to bring
his or her two-factor token to a university computer system. This may require system administrator services.
NIST SP 800-63-2: http://dx.doi.org/10.6028/NIST.SP.800-63-2
UW-M User Authentication and Levels of Assurance: https://web.archive.org/web/20150927142816/https://www.cio.wisc.edu/security/about/campusinitiatives/user-authentication-levels-assurance/
____________
Once again consider the suggested structure for your response (three to five pages) is 1) interpretation of the question; 2) context [authoritative documents];
3) introduction to the NIST Electronic Authentication Guideline; 4) introduction to an example application such as the UW-M case; 5) analysis; 6) conclusions;
and 7) references cited. Please consider footnotes or endnotes for each key point and for captions for figures/tables.
Note: NIST has released the next revision, SP 800-63-3. You can find it here if you are interested: https://pages.nist.gov/800-63-3/
Structured Discussion 3 Guide.pdf