7.5.9 For authentication at Authentication IL1 or above, it wil general y be
necessary to secure information exchanges between a client and the e-
Government service to protect against man-in-the-middle and other
impersonation attacks.93 Protection might be applied for al of the transactions
within a client session, or only for some of these transactions at a level that is
tailored to the value of the transaction. This wil typical y require the use of
electronic signing for transactions whose impact level for integrity is Integrity IL1
or above, and/or use of cryptography for transactions at Confidentiality IL1 or
above. Normal commercial technologies and techniques should be employed
wherever possible to support this requirement.
Email this to a friend.
Previous item —