NSTIC ID Ecosystem: A Conceptual Model v03, Andrew Hughes, October 2013 - IDESG Version 1.


This version of the slide deck has been contributed to the IDESG. This slide deck was originally created September 2013 by Andrew Hughes – please contact for more information or comments. This deck builds upon material in the presentation deck originally presented to IDESG Committees at the July 2013 IDESG Plenary meeting at MIT.

The content of this slide deck is the opinion of the author based on many discussions, experience, analysis and received feedback. The concepts have not been formally approved or endorsed by the IDESG Plenary.

This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.

Objectives
- To describe the NSTIC ID Ecosystem focusing on the interactions between members of an “online community” *
- To describe how major NSTIC Strategy Document elements work together to define an NSTIC ID Ecosystem and its participants

* The “Online Community” is central to the NSTIC ID Ecosystem concept and comes directly from the NSTIC Strategy document.

Context
- This ‘conceptual model’ sits above items such as standards, use cases, functional models
- The intent is to offer a view of what the target state NSTIC ID Ecosystem might look like and give structure to the components of the NSTIC ID Ecosystem

The NSTIC ID Ecosystem* will consist of different online communities that use interoperable technology, processes, and policies

*Source: The NSTIC Strategy Document

Take-away Concepts
- A defining characteristic of the NSTIC ID Ecosystem is that it is comprised of “online communities” * interacting in a variety of ways

* The term “online communities”, while not perfect, should be used until IDESG determines the best replacement term and creates an IDESG Vision statement.

NSTIC Vision*
Individuals and organizations utilize secure, efficient, easy-to-use and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.

*Source: The NSTIC Strategy Document

Take-away Concepts
- Access to online services is the central concept of the Vision
- “Identity Solutions” enable access to online services
- The online services and identity solutions must have features and capabilities that encourage adoption and use, and mitigate concerns and barriers to acceptance

Trust Framework*
- developed by a community
- defines the rights and responsibilities of that community’s participants
- specifies the policies and standards specific to the community
- defines the community-specific processes and procedures that provide assurance
- considers the level of risk associated with the transaction types of its participants

*Source: The NSTIC Strategy Document

Take-away Concepts
- The “online community” sets its own policies, standards and rules around the transactions and interactions of its members

In A Nutshell (these bullets capture the essence of an NSTIC ID Ecosystem)
- “Online communities” set their own rules according to their members’ needs
- “Online communities” interact with each other in the NSTIC ID Ecosystem
- The rules of different “online communities” might be different
- Access to online services enabled by identity solutions is at the heart of the NSTIC ID Ecosystem

NSTIC ID Ecosystem?
[Diagram labels: ID Ecosystem Framework Rules; Online Communities; Arrows = Inter-community interactions]

Take-away Concepts
- “Online communities” ‘inside the line’ have been evaluated against the ID Ecosystem Framework policies, standards and rules
- These communities meet the conditions of inclusion
- The nature of the inter-community interactions is currently not standardized or regularized – they are custom built
- Although there are “online communities” outside the NSTIC ID Ecosystem, they are not shown here

“Online Community”
Take a closer look at the internal structure of an NSTIC-y “online community”

A Proposed Point of View
- Within an “online community”, think of ‘Access to Online Services’ as an interaction or transaction between a provider and receiver of that online service
- The provider, receiver and service must abide by the rules of the “online community” – the Trust Framework rules (Now, and in the future)
- The online service receiver can choose which providers and services (and Communities!) meet their needs, including privacy, security, reliability, ease of use, confidence, etc.
- The online service provider defines what an online service consumer must do in order to receive service – the “Terms of Service”
- Some terms might be satisfied by presenting third-party credentials or tokens; or by payment; or by group affiliation or membership

The ‘Transaction’ Point of View
In this point of view the working unit is the interaction-transaction between provider and receiver plus the ‘Terms of Service’ plus the ‘Fulfillment’ of those terms meeting the community’s Trust Framework rules – everything else exists to support this interaction

A “Community” Unit
[Diagram labels: Community Trust Framework Rules; repeated units each labelled e-Service Provider, e-Service Consumer, Transaction Interaction, Terms of Service, Fulfillment of Terms; one unit labelled e-Service Provider, e-Service Receiver, Transaction Type-Interaction Type, Terms of Service, Fulfillment of Terms]

Where’s the IdP?
- For that matter, where’s the CSP, CA, IdP/V, RP and all the other Assurance, Trust and Identity bits?
- This conceptual model considers them to be the means by which Terms of Service are expressed and fulfilled – so they do not appear at this level of abstraction

An “Online Community”
- The Community
  - Shared values, beliefs, principles
  - Common goals and objectives
  - Has ‘tools’ for joining
  - Has ‘tools’ for locating
  - Could be mandated by law
- The Transaction
  - A particular set of commercial, social, ‘social contract’, or information exchanges that exist for the community, in support of their common goals
- Business
  - Shared need to perform transactions in the context of the community
- Legal
  - Trust Framework agreements
  - Commercial contracts
  - Legal Framework
- Technical
  - Protocol suites & capability
  - Network Connectivity
  - Shared Standards

[Diagram labels: An “Online Community”; Trust Framework Rules]

“Terms of Service”
- The provider states the “Terms of Service” for transacting or interacting with their online service
- The Terms must comply with the “online community” Trust Framework Rules, including accessibility, privacy, security, etc.
- The individual/receiver/consumer chooses which providers to interact with, in part based on the Terms offered

Identity Solutions
Imagine some possible Terms of Service:
- “Give me these attributes, cryptographically signed by an Attribute Provider I recognize, so I can verify your eligibility”
- “Prove that you have authenticated successfully with an IdP I have a trust relationship with”
- “Prove that you did the authentication with a Level 4 Credential”

That’s where they are – the ‘typical’ Identity Solutions and services are support mechanisms to enable Terms that leverage third party identity and credential services

Some Examples of “Terms”
- Business
  - Payment / Money
  - Information
  - Eligibility
- Legal
  - Contract / Agreement
  - Terms and Conditions
  - Lawfulness
- Technical
  - Protocols & Standards
  - Crypto capability
  - Electronic Tokens & Credentials
  - Other technical capabilities

Entering the Ecosystem
- An “online community” becomes a formal participant in the NSTIC ID Ecosystem through an Accreditation Program
- The Accreditation Program is being designed by teams in the IDESG
- The Accreditation Program will be documented within the ID Ecosystem Framework

ID Ecosystem Framework*
the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem

*Source: The NSTIC Strategy Document

Accreditation
IDESG, via the Accreditation Authority:
- Assesses an “online community” and its participants against the Trust Framework (Operating Rules) defined by that particular “online community”
- Confers Trustmarks to signal to participants that Assessments and Accreditation has been done to a known standard

Accreditation Authority*
assesses and validates identity providers, attribute providers, relying parties, and identity media, ensuring that they all adhere to an agreed-upon trust framework (the community’s trust framework)

*Source: The NSTIC Strategy Document

Trust Framework*, redux
- developed by a community
- defines the rights and responsibilities of that community’s participants
- specifies the policies and standards specific to the community
- defines the community-specific processes and procedures that provide assurance
- considers the level of risk associated with the transaction types of its participants

*Source: The NSTIC Strategy Document

Interoperable?
- Interoperability within an “online community” is a defining feature of “online communities”
- IDESG could foster technology, process and policy interoperability between “online communities” by defining common Accreditation Patterns for the inter-Community interactions
- IDESG, via the Accreditation Authority, could assess and issue Trustmarks for the inter-Community interactions

Recap
- “Online communities” set their own rules according to their members’ needs
- “Online communities” interact with each other in the NSTIC ID Ecosystem
- The rules of different “online communities” may be different
- Access to online services enabled by identity solutions is at the heart of the NSTIC ID Ecosystem
- IDESG serves to establish the ID Ecosystem Framework and Programs needed to identify and evaluate “online communities” seeking to participate in the NSTIC ID Ecosystem

NSTIC ID Ecosystem?
[Diagram labels: ID Ecosystem Framework Rules; Arrows = Inter-community interactions]

A “Community” Unit
[Diagram labels: Community Trust Framework Rules; repeated units each labelled e-Service Provider, e-Service Consumer, Transaction Interaction, Terms of Service, Fulfillment of Terms; one unit labelled e-Service Provider, e-Service Receiver, Transaction Type-Interaction Type, Terms of Service, Fulfillment of Terms]

Next Steps
- Develop narrative scenarios that explain what an individual might experience when seeking services or engaging with a provider of services
- Refine the concept of ‘Terms of Service’
- Develop examples that explain how this new concept relates to real-world implementations
- Define the nature of ‘interoperable interactions’ between “online communities”
  - What policy, protocol, technology or practice conditions must exist in order to be considered ‘interoperable’?
- Relate the conceptual model to other IDESG work products
  - How does this model fit the work already completed in Standards, Security, Privacy, Functional Model, etc?

Your Feedback
- Please consider commenting on this slide deck at
- Feedback, questions, concerns are welcome, please direct to