Your SlideShare is downloading. ×
0
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Kantara May 2012
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Kantara May 2012

8,604

Published on

Kantara Initiative overview and activities. Building Trusted Identity Ecosystems - it takes a village! - May 2012

Kantara Initiative overview and activities. Building Trusted Identity Ecosystems - it takes a village! - May 2012

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,604
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
65
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Trust Frameworks: Tools to build Identity Ecosystems It takes a village! support@kantarainitiative.org
  • 2. Agenda:• Overview of Kantara Initiative• Federation and Trust Frameworks• Identity Assurance Framework• Accreditation / Certification• Next Steps2012 Kantara Initiative - Trust Frameworks: A Global Context 2
  • 3. Kantara Initiative: Overview Values• Trust: Operating Accreditation, Approval and Certification programs to ensure trusted network environments are available to support generative growth within the Internet.• Privacy: Developing solutions for secure, identity-based, privacy-respecting online interactions.• Community: Bridging technology and policy requirements to enable verified trust in online identity credentials and services.2012 Kantara Initiative - Trust Frameworks: A Global Context 3
  • 4. Kantara Initiative: Overview Federation, Compliance, and Interoperability Kantara Builds Bridges Focusing on trust harmonization by developing compliance criteria based on requirements of end- users, relying parties and identity providers. Operating compliance programs for multiple solutions that fit a variety of requirements and jurisdictions.2012 Kantara Initiative - Trust Frameworks: A Global Context 4
  • 5. TrusteesGovernment Facing Government of Canada Credential Services Verticals - Health, Telco, Entertainment, Finance Audit and TestingResearch and EducationTechnical and User Community Organizations
  • 6. Kantara Initiative: Overview Governance Model Board of Trustees Assurance Leadership Review Board Council Interoperability Consists of: Work Review Board and Discussion Group Operates Compliance Leadership Programs Develops Requirements and Practices2012 Kantara Initiative - Trust Frameworks: A Global Context 6
  • 7. Kantara Initiative: Overview Liaisons and Governments• ISO: 29115, 29100, 29191, 27001, 27002, etc• ITU-T: X.1254 (was X.EAA), OITF• OASIS: eGovernment, SAML SSTC, PMRM, etc• OECD Internet Technical Advisory Committee (ITAC)• Governments • Providing neutral forum for Government Programs and Agencies to share information and identify common goals • Performing confidential and non-confidential program reviews upon request for specific international governments and government agencies2012 Kantara Initiative - Trust Frameworks: A Global Context 7
  • 8. Kantara Initiative: Overview Work and Discussion Groups KANTARA INITIATIVE WORK AND DISCUSSION GROUPS POLICY JURISDICTION USER-FOCUSED WORK & DISCUSSION GROUP ACRONYMS: • (AM) Attribute Management • (BCTF) Business Cases for Trusted FederationseGOV AM Consumer eGOV • (Consumer ID) Consumer Identity ID • (eGOV) eGovernment • (FI) Federation Interoperability HIA P3 HIA InfoShare • (HIA) Heath Identity Assurance • (IA) Identity Assurance • (Info Sharing WG) Information Sharing InfoShare • (Japan) JapanIA WG JAPAN UMA • (P3) Privacy and Public Policy • (Telco ID) Telecommunication Identification • (UMA) User Managed Access TELCO ID AM 2012 Kantara Initiative - Trust Frameworks: A Global Context 8
  • 9. Kantara Initiative: Overview Groups and Programs KANTARA INITIATIVE PROGRAMS WORK & DISCUSSION GROUP ACRONYMS: NON- COMPLIANCE and CERTIFICATION • (BCTF) Business Cases for Trusted CERTIFICATION Federation • (eGOV) eGovernmentINTEROPERABILITY ASSURANCE HARMONIZATION • (FI) Federation InteroperabilityInterop Review Board (IRB) Assurance Review Board (ARB) User-Centric, Jurisdiction and • (IOP) Interoperability Vertical Based• Certification, Verification • Certification • (HIA) Heath Identity Assurance• Tools, Demos • Accreditation • (IA) Identity Assurance • (Info Sharing) Information Sharing HIA Consumer ID • (OSSI) Open Source Strategic Initiative • (P3) Privacy and Public Policy eGOV IA Japan • (Consumer ID) Consumer Identity • (Japan) Japan • (Telco ID) Telecommunication InfoShare Telco ID Identification FI • (UMA) User Managed Access P3 UMA OSSI 2012 Kantara Initiative - Trust Frameworks: A Global Context 9
  • 10. Federation and Trust Frameworks What does Federation look like? Identity BANK Authentication Provider Trust INSURANCE Service COMPANY Access Service Provider2012 Kantara Initiative - Trust Frameworks: A Global Context 10
  • 11. Kantara Initiative: Overview What does a Trust Framework look like?Relying Parties / End-Users Rules • Process • Policy Input Kantara and Requirements • Practice end-user in to Kantara stakeholders • Privacy develop criteria Groups / sectors who for assessment Tools share common • OpenID requirements to enable trust in identity systems. • SAML • SmartCard • OAuth2.0 • Other Trust Kantara Accredited Assessors perform assessments 2012 Kantara Initiative - Trust Frameworks: A Global Context 11
  • 12. Kantara Initiative: Overview What does a Trust Framework look like? Input Kantara andRelying Parties Requirements Criteria for IdP / end-user & in to Kantara stakeholders CSP Assessment End-Users develop criteria to verify Trust for assessment Trust Kantara Accredited Assessors perform assessments 2012 Kantara Initiative - Trust Frameworks: A Global Context 12
  • 13. Federation and Trust Frameworks Leveraging Scale-Free Networks“Inter-Federation”Trust Frameworks enable inter-Federation- Connecting Federations- Leveraging Scale-Free Networks 2012 Kantara Initiative - Trust Frameworks: A Global Context 13
  • 14. Federation and Trust Frameworks Target Audience & Value PropositionTarget Audience• Enable End-users (Enterprise, Governments, Verticals, Communities) to trust credentials proofed and issued by Identity Providers / Credential Service ProvidersValue Proposition• Increased security• Compliance with laws, regulations, and standards• Improved interoperability• Enhanced customer service• Elimination of redundancy• Increase in protection of Personally Identifiable Information (PII)2012 Kantara Initiative - Trust Frameworks: A Global Context 14
  • 15. Federation and Trust Frameworks Based on Levels of Assurance : Illustrated2012 Kantara Initiative - Trust Frameworks: A Global Context 15
  • 16. Trust Framework Model Trust Status Assessment Listing Service Verification Registration InterestedCertification Parties Process Trust Status Listing Service, Registry, White List2012 Kantara Initiative - Trust Frameworks: A Global Context 16
  • 17. Identity Assurance Framework: DocumentsNote: a Trust Frameworkmay apply specific profiles IAF 1000 - Overviewfor specific Technology Overview of of the IAF documents and structureand Privacy Constraintsused to achieve Levels ofAssurance IAF 1100 - Glossary Glossary of terms used in the IAF documents IAF 1200 – Levels of Assurance Overview in detail of the Levels of Assurance IAF 1300 – Assurance Assessment Scheme Process of how the Assurance Program operates IAF 1400 – Service Assessment Scheme Criteria that a Service will need to provide compliance to for Service Approval at the different Levels of Assurance IAF 1600 – Assessor Qualifications and Requirements Qualifications that an Assessor must prove to become Accredited to perform IAF assessments 2012 Kantara Initiative - Trust Frameworks: A Global Context 17
  • 18. Identity Assurance Framework: Actors KANTARA INITIATIVE IAF APPROVED APRIL 2010 http://kantarainitiative.org/confluence/x/e4R7Ag CREDENTIAL FEDERATION IDENTITY ASSURANCE ASSESSORS SERVICE PROVIDERS OPERATORS FRAMEWORK 2.0 MAP NON-NORMATIVE:Get accredited by Get assessed by a Define criteria for identityKantara as an assessor Kantara Accredited assurance for their • (IAF 1000) Overviewagainst the IAF 1600 AQR Assessor for IAF federation • (IAF 1100) Glossary certification against the • (IAF 1200) Assurance LevelsLeverage demonstrable IAF 1400 SACs Map policy against IAFcompetencies to expedite SAC and IAF profiles NORMATIVE:certification Submit certification • (IAF 1300) Assurance Assessment application to Kantara’s Accept or recommend Scheme Assurance Review Board IAF certification to its (ARB) • (IAF 1400) Service Assessment constituents Criteria Obtain and maintain • (IAF 1600) Assessor Qualifications compliance and & Requirements certification 2012 Kantara Initiative - Trust Frameworks: A Global Context 18
  • 19. Kantara Trust Framework Trust Status Published to: Board of Trustees Assurance Review Reviews & Verifies External Assessment Board (ARB) Identity Assurance Manages the Set of IAF Documents Work Group (IAWG) Identity Assurance Framework (IAF) Complete Set of IAF Documents Assurance Assessor Service Assessment Qualifications & Assessment Core IAF Document Set Scheme Requirements Criteria (AAS) (AQR) (SAC)2012 Kantara Initiative - Trust Frameworks: A Global Context 19
  • 20. Kantara Trust Framework Board of Trustees Assurance Review Reviews & Verifies External Assessment Board (ARB) Identity Assurance Manages the Set of IAF Documents Work Group (IAWG) Identity Assurance Framework (IAF) Complete Set of IAF Documents Assurance Assessor Service Assessment Qualifications & Assessment Core IAF Document Set Scheme Requirements Criteria (AAS) (AQR) (SAC)2012 Kantara Initiative - Trust Frameworks: A Global Context 20
  • 21. Multiple Trust Frameworks• Technical • SAML + Others • OpenID • OAuth2.0• Verticals • Healthcare • Banking • Entertainment• Jurisdictions • National Governments • Local Governments2012 Kantara Initiative - Trust Frameworks: A Global Context 21
  • 22. Kantara Trust Framework: ProgressKantara Accredited to LoA 1-4 Kantara Approved to LoA 3 non-crpyto Verizon Universal Identity Service (VUIS)* * ICAM Trust Framework Approval Registered Applicants • Accreditation: • Service Approval: 2012 Kantara Initiative - Trust Frameworks: A Global Context 22
  • 23. Trust Framework Profiles Common, Well-Vetted Complete Assessment Foundation Criteria Core Technical Privacy Final Framework Profile Profile Framework Specific Technical Specific Policy / Deployment Rules Regulation Rules2012 Kantara Initiative - Trust Frameworks: A Global Context 23
  • 24. Building on the Core• Identity Assurance: Building in service module approach enabling Identity Proofing, Credential Management and Organizational component assessments• Privacy Assurance: Building upon the Kantara US Federal Privacy Profile the Privacy and Public Policy (P3) WG is building Privacy Assessment Criteria (PAC) for audit controls applied in a Privacy Assessment.• Attribute Management (AM) Assurance: Performed landscape review of varying AM standards and development activities in Identity focused communities2012 Kantara Initiative - Trust Frameworks: A Global Context 24
  • 25. Status and Lessons Learned• Status: • Operational SAML Framework • Operational Organization • Approved for US Government Use through LOA 3 • Referenced by eGov communities including Canada, New Zealand, Sweden • Assessments in progress • International Partners• Lessons Learned So Far: • Need Additional Members, Participants, and Customers • Need Additional Technical Frameworks • Need Additional Levels of Assurance • Need Additional Privacy Profiles2012 Kantara Initiative - Trust Frameworks: A Global Context 25
  • 26. Shaping the Future of Digital Identity• Kantara Initiative Website: • http://kantarainitiative.org• Community Mail List: • http://kantarainitiative.org/listinfo/community• Assurance Certification Center: • http://kantarainitiative.org/confluence/x/EYCYAQ• Membership Documents: • http://kantarainitiative.org/wordpress/membership/ 2012 Kantara Initiative - Trust Frameworks: A Global Context 26
  • 27. Thanks!Questions? •Kantara Executive Director: Joni Brennan joni @ kantarainitiative.org •General Inquiries: support @ kantarainitiative.org

×