AARC-G030 Requirements and Implementations for Authentication Freshness

This document describes mechanisms for forcing a user to perform an additional login (reauthentication) in order to ensure that the user who is accessing a protected resource is the same person who initially authenticated at the start of the session. Forced reauthentication can therefore provide additional protection for sensitive resources.

Document URL:
Development informationAARC Project Wiki
Status: In Progress
Errata: none
Supersedes: none