The private keys used to sign assertions and tokens are protected commensurate with the impact of the system and information resources that can be accessed.