Presentation is loading. Please wait.

Presentation is loading. Please wait.

TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1.

Published byJoaquin Chinn Modified over 9 years ago

Similar presentations

Presentation on theme: "TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1."— Presentation transcript:

1 TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1

2 A trust framework is developed by a community whose members have similar goals and perspectives It defines the rights and responsibilities of that community’s participants in the Identity Ecosystem; specifies the policies and standards specific to the community; and defines the community-specific processes and procedures that provide assurance. Different trust frameworks can exist within the Identity Ecosystem, and sets of participants can tailor trust frameworks to meet their particular needs. An accreditation authority (aka “Certification Provider”) assesses and validates identity providers, attribute providers, relying parties, and identity media, ensuring that they all adhere to an agreed-upon trust framework. Accreditation authorities can issue trustmarks to the participants that they validate. A trustmark is used to indicate that a product or service provider has met the requirements of the Identity Ecosystem, as determined by an accreditation authority. Existing private-sector organizations already serve in this role in some sectors and can participate in the Identity Ecosystem if they so choose. A public-private steering group (i.e., the IDESG) will ensure that accreditation authorities maintain the minimum requirements of the Identity Ecosystem Framework when they issue trustmarks. 1-14-2014IDESG TFTM Committee2 What the NSTIC says

3 Trust Framework - Developed by a community whose members have similar goals and perspectives. It defines the rights and responsibilities of that community’s participants in the Identity Ecosystem; specifies the policies and standards specific to the community; and defines the community-specific processes and procedures that provide assurance. (Source: NSTIC) Trust Framework Provider - An organization that defines or adopts a trust framework and then, certifies participants that are in compliance with the requirements of that framework. (Source: FICAM TFPAP-slightly modified for context) Accreditation Body (AKA “Accreditation Authority”) – An organization that evaluates, approves and provides formal recognition that an entity is capable of carrying out certification assessment and validation activities for a specific trust framework Accreditation - The processes for the evaluation, approval and formal recognition that an entity is capable of carrying out certification assessment and validation activities for a specific trust framework. (Source: Kantara-slightly modified for context) 1-14-2014IDESG TFTM Committee3 Key terms for this discussion

4 Certification- The processes of assessing, validating, and determining that a product or service provider meets the defined requirements of a specific trust framework. (Source: FICAM TFPAP-slightly modified for context) Trustmark - A visual symbol and/or digital certificate that is used to indicate that a product or service provider has been certified to meet the requirements of a specific trust framework. (Source: NSTIC- Slightly modified) Trust List - A list of participants who have been determined to meet the requirements of a trust framework and are authorized to operate within that trust framework. Trust lists can be a simple visual representation or be integrated into the electronic interactions of a trust framework. (Source: Modified from NSTIC Trustmark definition) 1-14-2014IDESG TFTM Committee4 Key terms for this discussion

5 1-14-2014IDESG TFTM Committee5 IDM Accreditation and Certification Services Accreditation Bodies Certification Provider Approved Service Provider Approved Service Provider Approved Service Provider Evaluate, approve and formally recognize that entities that are capable of carrying out certification activities for a specific trust framework. Assess, validate, and determine that products or service providers meet the defined requirements of a specific trust framework. Apply for and are validated to meet defined Trust Framework requirements.

6 1-14-2014IDESG TFTM Committee6 Examples of IDM Accreditation and Certification Services Today Accreditation Bodies Certification Entity Approved Service Provider (IDP/CSP) Approved Service Provider (IDP/CSP) Approved Service Provider (IDP/CSP) Ex., FICAM TFS (LOA 1,2 non-PKI 3), Kantara (assessors), SAFE Bridge, Certipath Bridge Ex., FICAM (PKI, PIV)—FBCA?–, Kantara (IDP/CSP SP), OIX, InCommon, Certipath Ex., Verizon, Symnatec/Norton, Experion, MITR, Entrust, ORC, Verizon, Digicert, Google, PayPal,

7 Explains the administrative, operational, and legal responsibilities for: Accreditation Bodies Certification Providers Issuers of trustmarks and trust lists Makes recommendation for IDESG trustmark approach for accreditation, certification, and trustmark services for the Interim IE. 1-14-2014IDESG TFTM Committee7 Trust Mark Approach Paper(s)

8 Risk based assurance model (I.E. LOA Framework) for Interim IE. IE Framework requirements for Interim IE (TFTM- 01-04, NSTIC/IDESG Interim Requirements Catalog). Usability/user experience GP component for Interim TM approach. Certification approach to service providers other than IDP/CSPs. 1-14-2014IDESG TFTM Committee8 Key issues to address

Download ppt "TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1."

Similar presentations

Establishing a New Accreditation Program in the U.S.

Establishing a New Accreditation Program in the U.S.
Implementing Federated Identity Management across a Multi-campus Statewide System: The Texas Experience William A. Weems Assistant Vice President Academic.

Implementing Federated Identity Management across a Multi-campus Statewide System: The Texas Experience William A. Weems Assistant Vice President Academic.
TFTM 01-02 TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state. 2013 October.

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state October.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.

This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.
Paul D. Grant Special Assistant, Federated Identity Management and External Partnering Office of the DoD CIO Co-Chair, Identity, Credential.

Paul D. Grant Special Assistant, Federated Identity Management and External Partnering Office of the DoD CIO Co-Chair, Identity, Credential.
Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.
SAFE-BioPharma Association NSTIC Day How does industry drive forward.

SAFE-BioPharma Association NSTIC Day How does industry drive forward.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair
Functional component terminology - thoughts C. Tilton.

Functional component terminology - thoughts C. Tilton.
Accreditation 1. Purpose of the Module - To create knowledge and understanding on accreditation system - To build capacity of National Governments/ focal.

Accreditation 1. Purpose of the Module - To create knowledge and understanding on accreditation system - To build capacity of National Governments/ focal.
SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.

SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.
TFTM Sub-Committee 01-06 What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, 2014 4-16-2014IDESG TFTM Committee1.

TFTM Sub-Committee What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, IDESG TFTM Committee1.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Proposed Workflow IDESG Self-Assessment and Attestation Program For TFP’s Discussion Deck TFTM Committee 09/23/14 17-16-2014.

Proposed Workflow IDESG Self-Assessment and Attestation Program For TFP’s Discussion Deck TFTM Committee 09/23/
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.
TFTM Deliverable 01-06 2014 Trustmark and Conformance Program Discussion Deck TFTM Committee May 07, 2014 5-07-2014IDESG TFTM Committee1.

TFTM Deliverable Trustmark and Conformance Program Discussion Deck TFTM Committee May 07, IDESG TFTM Committee1.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Similar presentations

Ads by Google