identity ecosystem framework: establishing rules of the road for digital identity
TRANSCRIPT
Ian Glazer Vice-Chair, Management Council IDESG @iglazer
From Principles to Actions: Identity Ecosystem Framework
We are just like you
IDESG idesg.org
How? Tasks roll down hill Multi-disciplinary group comes together Define controls needed to solve the problem
Rules of the Road for
Digital Identity
How did we get here?
People are unhappy
IDESG idesg.org
Americans are less than thrilled The current state of digital identity is fine. But only just fine. Not great.
54%
54% of digital consumers are cautious about the information they share due to lack of confidence in the online security
that protects their personal data
Source: 2015 Accenture Digital Consumer Survey
Management is unhappy
IDESG idesg.org
Executives require action • US President Obama’s Ninety-Day
Cybersecurity Review, 2009 • National Strategy for Trusted Identities in
Cyberspace (NSTIC), April 2011
IDESG idesg.org
NSTIC: A Vision of Digital Identity
A P R I L 2 0 11
Enhancing Online Choice, Efficiency, Security, and Privacy
NAT IONA L STR ATEGY FOR TRUSTED IDENT IT IES
IN CY BER SPACE
“The simple fact is, we cannot know what companies have not been launched, what products or services have not been deployed, or what innovations are held back by the inadequacy of tools, like insecure passwords, long ago overwhelmed by the fantastic and unpredictable growth of the Internet. What we do know is this: by making online transactions more trustworthy and enhancing consumers’ privacy, we will prevent costly crime; we will give businesses and consumers new confidence; and we will foster growth and innovation, online and across our economy – in some ways we can predict, and in other ways we can scarcely imagine. Ultimately, this is the goal of this strategy.” – President Obama
IDESG idesg.org
NSTIC Principles Privacy-enhancing and Voluntary Secure and Resilient Interoperable Cost-effective and Easy to use
Principles shape and direct
action
What happens next?
IDESG idesg.org
Identity Ecosystem Steering Group • Created in August 2012 • Convened by management (the
government) • Public-Private partnership • Tasked to create a (controls) framework
IDESG idesg.org
Mutli-disciplinary by design • Privacy and Civil Liberties • Usability and Human Factors • Consumer Advocates • U.S. Federal Government • U.S. State, Local, Tribal, and
Territorial Government • Research, Development,
Education and Innovation • Identity and Attribute Providers • Interoperability
• IT Infrastructure • Regulated Industries • Small Business and
Entrepreneurs • Security • Relying Parties • Unaffiliated Individuals
IDESG idesg.org
Breaking down the work • Security • Privacy • User Experience • Standards • Policy Coordination
• Trust Framework and Trustmarks
• International Coordination
• Healthcare
Identity Ecosystem Framework
IDESG idesg.org
The Results Identity Ecosystem Framework • Functional Model – Reference architecture • Requirements – Rules of the Road for digital identity • Supplemental Guidance – How to meet the Requirements • Scoping Statement – Where we go next
IDESG idesg.org
Self-assessment and beyond… • A way for good actors to make
themselves known • Transitioning to a Program Listing and
Certification Scheme in the future
Moving forward
Rules of the Road for
Digital Identity
Principles shape and direct
action
Management is happy
IDESG idesg.org
A reusable pattern Principles to drive action Multi-disciplinary team Create/select controls & frameworks Assess to measure progress
IDESG idesg.org
How you can get involved • Join us at IdentityRevolution.org
• Explore the Identity Ecosystem Framework
• Join the IDESG
• Be recognized as a good actor