This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.


1 This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards and Technology

2 Our Approach: Componentization
If the frameworks were modular… then we get:
- Greater transparency of trust framework requirements
- Greater ease of comparability between frameworks
- Greater potential for reusability of framework components
- And, most importantly: greater potential for participation in multiple trust frameworks by ID Ecosystem members with incremental effort and cost
[Diagram: ID Trust Framework A, ID Trust Framework B and ID Trust Framework C, built from components labelled NIST 800-63 LOA 3, OAuth, FIPS 200, FICAM, SAML SSO, FIPPs and OpenID]
These modular components are called Trustmarks.

3 A Trustmark-Based ID Ecosystem
[Diagram: IDPs, APs and RPs; ID Trust Frameworks A, B and C; Trust Interoperability Profiles A, B and C]
Existing Trust Frameworks could be expressed as a set of components called a TIP.

4 A Trustmark-Based ID Ecosystem
[Diagram: IDPs, APs and RPs; TIP A, TIP B and TIP C; Trustmark Providers]
Then each member of the community can acquire the necessary Trustmarks based on the TIP.
Trustmarks can be acquired through a Trustmark Provider.
There can be many Trustmark Providers in the ID Ecosystem.

5 A Trustmark-Based ID Ecosystem
[Diagram: IDPs, APs and RPs; TIP A, TIP B and TIP C; Trustmark Registries, each with entries labelled "IDP X:", "RP Y:", "Etc."]
Trustmarks can be stored in searchable Trustmark Registries or shared directly with partners.
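The registry lookup sketched on slides 3 to 5, as an added example that is not part of the original presentation: it checks which TIPs a member already satisfies and which trustmarks it still lacks for the others. The TIP compositions, registry entries, provider names and the trusted-provider filter are constructed assumptions, not the pilot's data or data model.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Trustmark:
    definition: str  # the Trustmark Definition (TD) this trustmark attests to
    recipient: str   # the IDP, AP or RP that holds it
    provider: str    # the Trustmark Provider that issued it

# Constructed TIPs: each is the set of TDs one trust framework requires.
TIPS = {
    "TIP A": {"NIST 800-63 LOA 3", "SAML SSO", "FIPPs"},
    "TIP B": {"NIST 800-63 LOA 3", "OAuth", "FIPS 200"},
    "TIP C": {"FICAM", "OpenID", "FIPPs"},
}

# Constructed registry contents (hypothetical members and providers).
REGISTRY = [
    Trustmark("NIST 800-63 LOA 3", "IDP X", "Provider 1"),
    Trustmark("SAML SSO", "IDP X", "Provider 1"),
    Trustmark("FIPPs", "IDP X", "Provider 2"),
    Trustmark("OAuth", "IDP X", "Provider 3"),
    Trustmark("FIPPs", "RP Y", "Provider 1"),
]

def held(registry, recipient, trusted_providers):
    """TDs the recipient holds via a provider the evaluator trusts (assumed rule)."""
    return {t.definition for t in registry
            if t.recipient == recipient and t.provider in trusted_providers}

def evaluate(registry, tips, recipient, trusted_providers):
    """Map each TIP name to the sorted list of TDs the recipient still lacks."""
    have = held(registry, recipient, trusted_providers)
    return {name: sorted(required - have) for name, required in tips.items()}

def cheapest_next_tip(gaps):
    """Unsatisfied TIP needing the fewest additional trustmarks, or None."""
    open_tips = {name: missing for name, missing in gaps.items() if missing}
    if not open_tips:
        return None
    return min(open_tips, key=lambda name: (len(open_tips[name]), name))

if __name__ == "__main__":
    gaps = evaluate(REGISTRY, TIPS, "IDP X", {"Provider 1", "Provider 2", "Provider 3"})
    for name, missing in gaps.items():
        print(name, "satisfied" if not missing else f"missing {missing}")
    print("next framework to join:", cheapest_next_tip(gaps))
```

Narrowing the trusted-provider set shows how the same registry entries can satisfy one evaluator's TIP and not another's.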

6 Scope of the NSTIC Trustmark Pilot
Trustmark Framework:
- Normative Trustmark Spec
- Normative TD Spec
- Normative TIP Spec
- Trustmark Policy Template
- Trustmark Agreement Template
Concept Maturation:
- Trustmark Concept Presentation
- Trustmark Pilot Concept Website
- Outreach to IDESG
- Outreach to NIEF Membership
- Outreach to SICAM Stakeholders
- Outreach to Other Stakeholders
Sample TDs, TIPs, and Trustmarks:
- Comm. Protocol TDs & Trustmarks
- Identity LOA TDs & Trustmarks
- End-User Privacy TDs & Trustmarks
- Security Policy TDs & Trustmarks
- Other TDs & Trustmarks
- Sample TIPs for NIEF Community
Sample Tools:
- Trustmark Assessment Tool for Trustmark Providers
- Trustmark Generating & Publishing Tool for Trustmark Providers
- Trustmark Registry Query Tool
NIEF Pilot and Expanded Pilot via NASCIO/SICAM:
- Issue Trustmarks to Current NIEF Members
- Modify Tech Framework, Specs, TDs, TIPs, Policies, Agreements, and Tools as Needed
- Identify SICAM Use Cases
- Issue Trustmarks to More IDPs, APs, and RPs via a New Trustmark Provider
- Demonstrate SICAM Use Cases in a Multiple-Trustmark-Provider Marketplace

7 Trustmarks Trustmark TDO

8 The Trustmark Framework
[Diagram. Entities: Trustmark Defining Organization, Stakeholder Community, Trustmark Definition, Trustmark Provider, Trustmark Recipient, Trustmark Relying Parties (Org. 1, Org. 2, End User), Trust Interop Profile, Trustmark A, Trustmark B, Trustmark C. Relationship labels: Is Represented By, Defines, Issues, Is Used By, Is Required By, Is Trusted By]

9 Sources of Components

10 Creating Modular Common Components
Sources: AAMVA, InCommon, GFIPM, FICAM, NIEF, Others
Transformation Process:
Step 1: Gather trust and interop requirements from many frameworks
Step 2: Break down and reassemble requirements into modular, reusable components
Step 3: Express modularized requirements in a standard format to encourage broad reuse
Result: Trustmark Definitions

11 GTRI NSTIC Pilot Trustmark Analysis
- 122 distinct trustmarks identified (so far)
- Covers FICAM, GFIPM, & NIEF communities
- Also covers FIPPs (privacy) topics

12 Trustmarks By Category
- Identity Assurance Policy (10 Total, 10 Essential to Pilot)
- Privacy Policy (23 Total, 15 Essential to Pilot)
- Technical Interoperability (57 Total, 8 Essential to Pilot)
- Technical Trust (4 Total, 3 Essential to Pilot)
- Attribute Assurance Policy (2 Total, 2 Essential to Pilot)
- Organizational Integrity / Bona Fides (6 Total, 3 Essential to Pilot)
- Usability (2 Total, 0 Essential to Pilot)
- Security Policy (18 Total, 18 Essential to Pilot)

13 Requirements = Trustmark Component Definitions (TCDs)
TCD Spec
Ensures that all TCDs contain the minimal info required to promote legitimacy and encourage reuse:
- Name of TDO / Publisher
- Canonical Published Location (URL/URI)
- Name of TCD
- Description and Intended Purpose
- Target Stakeholder Audience of TCD
- Date of Publication
- Version Number
- Visual Icon or Image
Defines a common structure and syntax for all TCDs:
- Ensures consistency and machine readability for all TCDs
- Allows for greater ease of understanding a TCD
- Makes TCDs more likely to be considered for reuse (TCD reuse leads to trustmark reuse)
- Allows for standards-based TCD tools to proliferate
[Diagram labels: XML, HTML]

14 Trustmark Assessment Tool Process Flow
[Diagram: Trustmark Definitions & Profiles, Trustmark Assessment Tool, Trustmark Assessment Tool Database, Trustmark Provider, Trustmark Recipient]
1. Load TCDs into Assessment Tool
2. Receive request for trustmark from Trustmark Recipient candidate
3. Perform assessment of Trustmark Recipient candidate
4. Store assessment artifacts / evidence in database
5. Issue trustmark to Trustmark Recipient

