Get Email UpdatesSign up below to receive free Trusted Identities Group blog updates.
- TIG in action at next week’s Federal Identity Forum, IDESG Plenary
- How will they measure up? RTI awarded to evaluate the class of 2016 state and local pilots!
- Return of the Great Zoltan! Our 800-63 FAQs answer life’s most perplexing questions (about digital identity, anyway).
- Mic Drop — Announcing the New Special Publication 800-63 Suite!
- REGISTER NOW – Privacy Risk Assessment: Prerequisite for Privacy Risk Management Workshop
Tag Archives: Identity Ecosystem Steering Group
We may have spent more than a year working with you to update major federal guidance – we’re looking at you, Special Publication (SP) 800-63 – but our work is far from complete. Now we’re on to the hard part: supporting agencies as they implement the new SP 800-63 and driving towards global alignment of digital identity standards. Next week at the IDESG Plenary and the Federal Identity Forum, both at the convention center in Washington, D.C., we have a lot in store for NIST and our Trusted Identities Group (TIG) team this week. Continue reading
Last week in New Orleans, the Identity Ecosystem Steering Group (IDESG) launched the Identity Ecosystem Framework (IDEF) Registry and publicly listed the first four organizations to self-attest. At the 17th IDESG plenary meeting, these organizations presented their experiences – emphasizing the business benefit of publicly showcasing their dedication to trusted digital identity solutions. They also shared the ease of self-attestation, thanks to the IDESG’s concierge that assists Registry applicants. Continue reading
This morning at the Cloud Identity Summit in New Orleans, the IDESG announced the implementation of the IDEF Registry, an online listing service where ecosystem participants can report their self-assessed status against the IDEF baseline requirements. By attesting to these requirements on the Registry, organizations can showcase their commitment to providing trusted digital identity services. It’s a great way for organizations to demonstrate that they have crossed a threshold in the marketplace, addressing mature protections for consumers beyond those minimally required by law. Continue reading
It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:
It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading
In the NSTIC, the president called for an “overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem.”
Today, I’m proud to announce that the privately-led Identity Ecosystem Steering Group (IDESG) has delivered. Thanks to the incredible dedication of the IDESG’s volunteer membership, version 1 of the Identity Ecosystem Framework (IDEF) is now a final public document. This framework raises the bar for online transactions and substantially advances the Identity Ecosystem. Continue reading
When the Identity Ecosystem Steering Group (IDESG) plenary convened last week in Tampa, Florida, attendees meant business. By Friday afternoon, committees had finalized the baseline requirements and supplemental guidance for v1 of the Identity Ecosystem Framework (IDEF). Now the plenary stands in recess with the IDESG on track for a major milestone: completion of the IDEFv1, set for public release on October 20th! Continue reading
It’s certainly too early to spike the ball, but yesterday the Identity Ecosystem Steering Group (IDESG) met another milestone by approving the initial set of baseline requirements for the Identity Ecosystem Framework (IDEF). These requirements are a critical element to building the IDEF—which the IDESG has been chartered to establish and govern. As identified in the NSTIC, successful establishment of the IDEF is a must-have in the ongoing successful development of online commerce, government efficiency, and effective and efficient communication among and between individuals, the private sector, and the public sector. The baseline requirements were developed by IDESG work committees to address minimum requirements for Identity Ecosystem participants in four key areas: privacy, security and resiliency, interoperability, and user experience. These areas align directly with the committee structure of the IDESG and with the Guiding Principles of the NSTIC. Continue reading
Recently NIST joined the FIDO Alliance under its newly-created government membership class. The FIDO Alliance was formed in July of 2012 and aims to bring easy-to-use, privacy-enhancing authentication devices to the consumer mass market. FIDO-based credentials are designed to provide an … Continue reading
The Identity Ecosystem Steering Group (IDESG), now in its third year, is a key part of the National Strategy for Trusted Identities in Cyberspace (NSTIC). It serves as a forum to build the core set of rules and standards to promote privacy, security, interoperability, and ease of use for online services. I wouldn’t say IDESG meetings are exactly like standards development meetings, but they are similar in that much of the contention and dissention makes me sure of two things: Continue reading
Today we celebrate the most special of days for the NSTIC National Program Office. Four years ago at the U.S. Chamber of Commerce in Washington, D.C., we released the President’s strategy to enhance the choice, efficiency, security, and privacy of online transactions. As you are seeing this month in our retrospective blog series—two are posted with two more coming—this community has accomplished a great deal in the last four years. It’s clear we’ve come so far…but still have much work to do. Continue reading