What could kill NSTIC? A friendly threat assessment in 3 parts.

  • 1,479 views
Uploaded on

At two events 18-months apart, teams of suits, geeks, and wonks (industry experts, technologists, public policy analysts) brainstormed and scored what could lead to failure of NSTIC, an international …

At two events 18-months apart, teams of suits, geeks, and wonks (industry experts, technologists, public policy analysts) brainstormed and scored what could lead to failure of NSTIC, an international effort to create an identity ecosystem. The whitepaper at http://pde.cc/nsticrisks recaps the long list of potential threats, a shorter list of preventive strategies, compares the 2011 and 2012 events, and names the two greatest threats: poor user experience (harming trust, adoption, use) and imbalance among the forces tying the identity ecosystem together.

More in: Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,479
On Slideshare
0
From Embeds
0
Number of Embeds
7

Actions

Shares
Downloads
3
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. What could kill NSTIC?A Friendly Threat Assessment In Three Parts January 2013 Phil Wolff Strategy Director Personal Data Ecosystem Consortium phil@pde.cc. @evanwolf. Linkedin Download the whitepaper: http://pde.cc/nsticrisks
  • 2. High hopes for an ID ecosystemCan we get to an international digitalidentity system?
  • 3. High hopes for an ID ecosystem Can we get to an International, User-Centric digital identity system that works across Industries? Cultures? Technologies? Governments? Regulatory schemes?
  • 4. High hopes for an ID ecosystemThis effort is driven in the United Statesunder a 2004 program initiated by theNational Strategy for Trusted Identity inCyberspace through theNational Institute of Standards andTechnology (NIST) of theUS Department ofCommerce.
  • 5. Our findings, in short:The two most serious threats to NSTIC’s success:a user experience imbalance amongthat doesn’t work the forces that hold an identity ecosystem together.
  • 6. A dozen of us met•  to list and score threats to the NSTIC Identity Ecosystem vision.•  Internet Identity Workshop, Mountain View, California – October 2012 – May 2011.
  • 7. We asked:If NSTIC fails by 2016,what could havebrought it down?
  • 8. HERE’S OUR HYPOTHETICAL2016 POST-MORTEM OF NSTIC FAILURE SCENARIOS
  • 9. We spoke in the past-tense as if the failures had happened.
  • 10. We didn’t cooperate to build an IDecosystem. We should have playedwell with others.
  • 11. We didn’t cooperate to build an IDecosystem. We should have playedwell with others.Took too long. Strung out by processproblems.(Alternatives emerged.)
  • 12. We didn’t cooperate to build an IDecosystem. We should have playedwell with others.Industry failed to build it.(Capital and management didn’t prioritize.)
  • 13. We didn’t cooperate to build an IDecosystem. We should have playedwell with others.NSTIC community became balkanized.NSTIC community lost cohesion; didn’tlisten to each other.(Little to no interop.)
  • 14. We didn’t cooperate to build an IDecosystem. We should have playedwell with others.The program was co-opted by a Big Brothergovernment.(Not trustworthy internationally and for manypurposes.)
  • 15. Just because it’s built doesn’tmean they’ll use it.
  • 16. Just because it’s built doesn’tmean they’ll use it.Worked, but was not trusted.(Failed Brand).
  • 17. Just because it’s built doesn’tmean they’ll use it.Was subverted and insecure.(Legitimately Untrusted).
  • 18. Just because it’s built doesn’tmean they’ll use it.Enterprise didn’t adopt it.(Business case not well made.)
  • 19. Just because it’s built doesn’tmean they’ll use it.After one failure, supporters abandoned theproject. “Burned once, twice shy.”(Shallow, brittle commitment; low tolerancefor failure.)
  • 20. Just because it’s built doesn’tmean they’ll use it.The IE was an empty room. No critical massformed. There was an imbalance of supplyand demand.(Anchor tenants didn’t sign on. Institutionsdidn’t enroll millions of users or pull inindustry ecosystems.)
  • 21. Just because it’s built doesn’tmean they’ll use it.Citizens didn’t want trusted identity.(Poor market fit; lack of perceived benefitover alternatives.)
  • 22. We didn’t build the right thingsthe right way.
  • 23. We didn’t build the right thingsthe right way.A local failure took down the whole identityecosystem.(Failures of ecosystem trust, architecture,integration testing, and risk analysis.)
  • 24. We didn’t build the right thingsthe right way.The IdP/RP/Trust identity model was inferiorto newer models.(Technology risk.)
  • 25. We didn’t build the right thingsthe right way.The IdP/RP/Trust identity model broke atscale or broke in diverse contexts.(Project design risk.)
  • 26. We didn’t build the right thingsthe right way.Miscommunication within the IdentityEcosystem contributed to its death.(Poor cooperation, weak community, highself-interest, low trust.)
  • 27. Failed User Experience.
  • 28. Failed User Experience.UX was too hard.
  • 29. Failed User Experience.Everything went wrong that could go wrong.
  • 30. We Built-In Structural Instability.
  • 31. We Built-In Structural Instability.Along with user experience, structuralinstability was the big issue, according tothe group…
  • 32. We Built-In Structural Instability.•  Four pillars of the ecosystem must be strong •  Technology •  Economics •  Policy •  Culture•  Each relationship among them was imbalanced.
  • 33. We Built-In Structural Instability.Each of these pillars were operating ondifferent tempos.•  It was fast to iterate improved user experiences but slow to socialize each round among public policy and enterprise lawyers, for example.
  • 34. We Built-In Structural Instability.Motivations were misaligned.•  Some companies, for example, engineered tariffs for data sharing into their terms of service, cutting off public sector and NPOs from their customers.
  • 35. We Built-In Structural Instability.Core ideas didn’t survive translation.•  Several large Internet engineering companies backed out of supporting IE infrastructure because the “Easy ID” brand became a running joke on sitcoms, SNL, and a biting meme on YouTube.
  • 36. We Built-In Structural Instability.Liability was broken.•  Tragic risks were taken with some technologies and contracts by pushing exposure from those who enabled risk to those who didn’t.
  • 37. This session was in October 2012.•  But wait, there’s more…
  • 38. We did a similar exercise 18months earlier in May 2011with a similar group.https://secure.flickr.com/photos/philwolff/5713880402/ cc-by Phil Wolff2. EIGHTEEN MONTHS EARLIER...
  • 39. Key Risks (via 2011):
  • 40. Key Risks (via 2011):Lack of adoption.
  • 41. Key Risks (via 2011):Impatience for long learning curve.
  • 42. Key Risks (via 2011):Usability failures. (early concern)
  • 43. Key Risks (via 2011):Interop failures.
  • 44. Key Risks (via 2011):Overscope.
  • 45. Key Risks (via 2011):Security problems like phishing andmalware drawn by money.
  • 46. Key Risks (via 2011):Perversion of principles.
  • 47. Key Risks (via 2011):Chicken vs. Egg problems.
  • 48. Key Risks (via 2011):Short Attention Span andthe Hype Cycle
  • 49. Key Risks (via 2011):Regulatory blocks privacy laws antitrust concerns uncertainty about liability
  • 50. Key Risks (via 2011):Waiting for Winners
  • 51. Key Risks (via 2011):Dystopian Fear
  • 52. Key Risks (via 2011):Over-promising by tech communities topolicy communities
  • 53. Key Risks (via 2011):•  Lack of adoption. •  Chicken vs. Egg problems.•  Impatience for long •  Short Attention Span and learning curve. the Hype Cycle•  Usability failures. •  Regulatory blocks•  Interop failures. including privacy laws,•  Overscope. antitrust concerns and uncertainty about liability•  Security problems like phishing and malware •  Waiting for Winners drawn by money. •  Dystopian Fear•  Perversion of principles. •  Over-promising by tech to policy communities
  • 54. We had time, in the 2011 session, tobrainstorm what might avoid ormitigate these threats.
  • 55. Action:Small successes Build confidence
  • 56. Action:Industry marketing, PR, Media/Voice Build public understanding
  • 57. Action:Community user experience sharing (KM) Accelerate design
  • 58. Action:Cultivate Engineering Focus Developer relations
  • 59. Action:Governance driving Interop Testing Interop is a leadership challenge
  • 60. Action:Clear/Graded Roadmap Short term plans, long term visions
  • 61. Action:Electronic Authentication Guideline,NIST SP 800-63, and other threat comment Connect to existing NIST processes
  • 62. Action:Security Council / Antiphishing WorkingGroup Make security an explicit IESG activity
  • 63. Action:Government Affairs activity Engage US and other governments
  • 64. Action:OIX Risk Wiki Engage the OIX community
  • 65. The fear of “failure todeliver” was still there.WHAT CHANGEDBETWEEN THE TWOSESSIONS?
  • 66. What changed between the twosessions?1.  Outside forces like dystopian fear among users, security failures, and regulatory challenges were less prominent or not mentioned. "2.  Drivers of failure expanded almost exclusively to internal ones. "
  • 67. What changed between the twosessions?The primary concern: leadershipOnce funding, staffing, and collaborationstarted: the identity ecosystem did nottake charge and master the challengesas they emerged.
  • 68. 3. Last minute update...Arbroath Cliffs Warning Notice CC-BY-NC Alan Parkinson
  • 69. Cuts are coming•  US federal government is cutting spending in 2013 as we prepare this paper in December 2012.•  By cleaver if a “fiscal cliff avoiding” budget is passed•  By chainsaw if Congress and the President fall over the “cliff.”
  • 70. Direct effects.Nobody knows if this will directly affect NISTand the NIST staff managing the NSTICproject.
  • 71. Direct effects.Could the stream of funding for NSTICinnovation grants dry up and will existingprojects be halted?
  • 72. Direct effects.Will NIST’s funding for the IdentityEcosystem’s Secretariat, that coordinatesand supports the work of the IE, besustained or cut?
  • 73. Direct effects.In a trillion dollar budget, today’s spendingon NSTIC is a rounding error.
  • 74. Indirect effects.We don’t know how cuts in federalspending will affect the programindirectlyParticipating organizations changebehavior as they•  lose government contracts,•  experience greater risk, or•  enjoy new opportunities.
  • 75. eGovernment as customer.We also don’t know if the largestgovernment agencies that would be amongthe first implementers of these open, user-centric, trust networks will stay in the game.
  • 76. eGovernment as customer.Having huge customers as “anchor tenants”provides strong incentives for the privatesector to invest and make the identityecosystem work.
  • 77. eGovernment as customer.Will spending cuts interfere with projectcontinuity?
  • 78. eGovernment as customer.Will key personnel stay engaged?
  • 79. Lots of unknowns.•  And no strategy to respond to these risks from the Identity Ecosystem Steering Group.•  Yet.
  • 80. Our findings, in short:The two most serious threats:A user experience Imbalance amongthat doesn’t work the forces that hold an identity ecosystem together.
  • 81. What do you think is the biggest threat to making the dreamof an international user-centric digital identity system that works acrossindustries, technologies, governments, and regulatory schemes come true?
  • 82. Further Reading and Resources•  https://pensivepeter.wordpress.com/2012/10/23/death- to-nstic-long-live-nstic/•  https://skydrive.live.com/? cid=9a70d9142ec4cc44&id=9A70D9142EC4CC44! 827&sff=1•  PDEC White paper: What Could NSTIC?
  • 83. A word from our sponsors…•  PDEC is a not-for-profit education, advocacy, and research association, promoting the emergence of a user-centric personal data ecosystem where personal control of personal data is good for business and society.•  Our consortium’s Startup Circle and individual members are in North America, across Europe, Australia and New Zealand•  We meet at local meetups and conferences and hold seminars.
  • 84. ThanksPhil Wolff PDEC, the Personal Data –  phil@pde.cc Ecosystem Consortium, is a –  @evanwolf “small data” NGO –  +001.510-444.8234 representing startups, individuals and others who believe personal control of personal data is good for people, business, and society