Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan,

Slides:



Advertisements
Similar presentations
ITU Regional Seminar on E-commerce Bucharest, Romania May 2002 National E-commerce Strategies for Development Dr. Susanne Teltscher United Nations.
Advertisements

Single Sign-On and Federated Authentication at NIH and Beyond
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.
Electronic commerce EDI (8 decade) – base of EC – “Netscape” – propose SSL (Secure Sockets Layer) 1995 – “Amazon.com” “eBay.com” 1998 – DSL (Digital.
Digital Identity Group May GIXEL  GIXEL is the professional association of electronic component and system industries in France. It brings together.
The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.
TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.
Open Identity for Open Government and the Open Identity Exchange (OIX): A Market Solution to Online Trust June 2010.
Kantara Initiative Identity Assurance Framework Overview and Value Proposition March 8, 2011.
IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair
Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination.
1. Guiding Principles 3. Critical Success Factors 2. Delivery Processes 4. Benefits Realisation Strategy Business Management Technology Management Roadmap.
1 Enabling Open Government Using the OIDF/ICF Open Trust Framework OASIS Identity Management 2009 September 29, 2009 Don Thibeau, ED, OpenID Foundation.
1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.
Copyright 2008, Near-Time, Inc. All other trademarks are property of their respective owners 1 Enabling the Interactive Enterprise.
The 4BF The Four Bridges Forum Higher Education Bridge Certificate Authority.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.
NIH iTrust Peter Alterman/Debbie Bucci National Institutes of Health October 2010.
Single Sign-On, Federated Authentication and Beyond at NIH Dr. Peter Alterman National Institutes of Health.
The Business of Identity Management Barry R. Ribbeck Director Systems Architecture & Infrastructure Rice University
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
This presentation was prepared by Georgia Tech Research Institute using Federal funds under award 70NANB13H189 from National Institute of Standards and.
A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality
Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.
FIM-ig Federated Identity Management Interest Group.
Identity Relationship Management The Next Evolution of Identity and Access Management for the Internet of Everything.
Karen Sollins MIT Communications Futures Program October 24, 2013 Trust: trustmarks, concepts, frameworks.
Government of CanadaGouvernement du Canada Governments Without Boundaries Serving Citizens in a Digital World Presentation to e-Governance Task Force.
Atif Iqbal, R. K. Bagga.  Appropriate mechanism for good governance with the involvement of Information Technology in the system of the government and.
The InCommon Federation The U.S. Access and Identity Management Federation
1 The Partnership Challenge Higher education’s missions are realized in increasingly global, collaborative, online relationships –Higher educations’ digital.
The Open Identity Framework Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)
1 National Strategy for Trusted Identities in Cyberspace Identity in Cyberspace: Improving Trust via Public-Private Partnerships Jeremy Grant Senior Executive.
1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.
Trusted Federated Identity and Access Management to provide the Cornerstone for Cyber Defense.
TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
GC Credential Management Evolution for the OASIS/World Bank eGov Workshop 17 th April, 2009For information, please contact:
IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.
Federated Identity: What It Brings to Open Government Dr Ken Klingenstein Director, Internet2 Middleware and Security.
Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.
Kevin Novak, Chair W3C Electronic Government Interest Group April 17, 2009.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
Overview of Issues and Interests in Standards and Interoperability Mary Saunders Chief, Standards Services Division NIST.
OIX initiative, US only? Mapping Swedish Academic Identity Federation 2.0 Policy Framework to Open Identity Exchange (OIX) Trust Framework Provider Assessment.
Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009.
Cloud Computing, Policy Management and Standardization Europe Identity Conference 2011 John Sabo, Director Global Government Relations, CA Technologies.
The Feds and Shibboleth Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health.
Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.
Ensuring Conformance & Interoperability NHIN Testing Leslie Power, NHIN Testing Lead (Contractor) Office of the National Coordinator for Health IT WEDNESDAY,
Mariann Yeager, NHIN Policy and Governance Lead (Contractor) Office of the National Coordinator for Health IT David Riley, CONNECT Lead (Contractor) Federal.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Kantara Initiative Privacy Framework Overview and Value Proposition 13 May 2011.
Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
The Value of Creating the Identity Ecosystem. The Identity Ecosystem Steering Group (IDESG) is the source of expertise, guidance, best practices and tools.
IAM VISION OUR CREATIVE INSPIRATION IAM STRATEGY & ROADMAP TEAM JUNE 3, 2015.
Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
Cross-sector and user-centric AAI
Higher Education’s Role in the Identity Ecosystem
Service Organization Control (SOC)
HIMSS National Conference New Orleans Convention Center
Reiniger LLC.
The Use of Open Identity Technologies in Government
Presentation transcript:

Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan, Kantara Initiative Don Thibeau, OpenID Foundation Open Identity Exchange

Overview What’s all this fuss about Trust Frameworks?

The Trust Community Four main roles involved in making online exchanges trustworthy: 1. End-Entities who are the subjects of identity credentials 2. Credential Service Providers (CSPs) 3. Auditors 4. Entities that rely upon the credentials issued by CSPs, referred to as “relying parties.” Our Identity Assurance Framework is targeted to address each of these community roles…

Kantara Initiative approach to Federated Identity Identity Assurance Framework – one stop policy shop…

Identity Assurance Framework Components

Kantara Initiative Accreditation and Certification Who should apply and how? Assessors / Auditors Credential Service Providers, Identity Providers For More Information Visit our Assurance Certification Center: Connect with me:

What’s Next? Profiles, profiles and more profiles Jurisdictional (governments), HealthCare, Financial, Telecommunications, etc Federation Interoperability Work Group (FIWG) With input from international stakeholders FIWG developing tools for Federations to use for Interoperation. Enabling communication of Meta-Data between Federations Open for adoption by communities world-wide via Creative Commons IPR

Benefits of Adoption US Government ICAM Adopted Level 1, 2, 3 non-crypto Identity Assurance Framework (IAF) is technology Agnostic Can be adopted as organizational policy framework regardless of the technology protocol in place. Lowers cost to jurisdictions and entities enabling eased transition in to Trust Framework Model Has Kantara Initiative international community input Austria, Canada, Denmark, France, Japan, New Zealand, Sweden, United Kingdom, United States – the list keeps growing Enables Inter-federation through trusted and certified credentials Could be applied across jurisdictional federations like the European Union. Enables Government entities to leverage private-sector activities

Working Together Building Trust…

Collaboration

Kantara Initiative Work Groups Kantara Initiative – Identity Assurance (IAWG) eGovernment (eGovWG) Federation Interoperability Privacy and Public Policy (P3WG)

Open Identity Exchange (OIX) Work Groups Telco Data Work Group Verizon, AT&T, TNS, Pacific East, etc. Public Media National Public Radio, Public Broadcasting Service, etc. Librarians, Authors, Publishers National Institute of Health, National Library of Medicine, ORCID, APA, etc Identity Attributes Trust Framework Google, Yahoo!, AOL, Hot Mail, etc.

OIX/Kantara Collaborative Work Groups US ICAM Higher Levels of Assurance OIX, KI, US GSA, US NIH, etc. A public private partnership to define new technical /policy profiles for higher levels of assurance (NIST LoA 2 and 3) A forum and forcing function to map policy and legal issues to government and citizen interaction over the web A collaboration among leading industry organizations to break new ground in trust framework development

Introduction to OIX A Market Solution to Online Identity Trust…

A Matter of Trust Relying Parties must be able to trust that the Identity Provider is providing accurate customer data Identity Providers must be able to trust that the Relying Party is legitimate (i.e., not a hacker, phisher, etc) Direct RP-to-IDP trust agreements are a common solution, but are impossible to manage at Internet scale

OIX Trust Framework Trust Community The Trust Framework Solution Identity Service Provider Relying Party user

Credit Card Trust Framework Trust Community Proven Trust Frameworks Exist!

The OIX Identity Trust Framework Model Open Identity Exchange Trust framework agreements Identity Service Provider Relying Party user

What OIX Provides Referee Neutral, technology agnostic provider of trust frameworks Certification Listing Service Machine-readable information about trust framework participants and certifications

OIX Drives Adoption By improving market efficiency By providing openness and transparency By ensuring credibility and accountability in the system By enabling improved user experience

Real World Examples OIX U.S. ICAM (Identity, Credential, and Access Management) Trust framework For U.S. federal government agencies OIX Telecom Data Trust Framework For Telco Data Services providers For Data Aggregators

Summary OIX and KI work together to provide an Internet-scale solution to enable trusted online digital identities

Thank You! Get in touch with us…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.