Successfully reported this slideshow.
Your SlideShare is downloading. ×

Iiw east openidentityforopengovfinal

Ad

Open Identity for Open Government<br />September 9, 2010<br />Mary Ruddy<br />Mary Ruddy<br />

Ad

Open Identity For Open Government Initiative<br />Public Private Partnership <br />Various Agencies<br />Non-Profits<br />...

Ad

US GSA Initiative<br />“The government believes that there is a win-win for all of us in collaborating with industry to pr...

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Upcoming SlideShare
Kantara Workshop at CIS
Kantara Workshop at CIS
Loading in …3
×

Check these out next

1 of 16 Ad
1 of 16 Ad

More Related Content

Iiw east openidentityforopengovfinal

  1. 1. Open Identity for Open Government<br />September 9, 2010<br />Mary Ruddy<br />Mary Ruddy<br />
  2. 2. Open Identity For Open Government Initiative<br />Public Private Partnership <br />Various Agencies<br />Non-Profits<br />For Profit Companies<br />
  3. 3. US GSA Initiative<br />“The government believes that there is a win-win for all of us in collaborating with industry to provide good identity solutions for electronic interactions with the American public.” <br /> Judy Spencer of GSA<br />
  4. 4. Goals<br />(With full credit to Chris Louden Protiviti Gov Services)<br />Make Government more transparent to citizenry<br />Make it easier for citizenry to access government information<br />Avoid issuance of application-specific credentials<br />Leverage Industry credentials for Government use <br />Leverage Web 2.0 technologies<br />
  5. 5. What is Open Identity ?<br />Portable Internet identities<br />Identities issued by industry – multiple providers<br />Some call it federated identity….<br />Based on open standards<br />User driven (user controls what data is released)<br />OpenID and Information Card protocols…<br />Identities certified by independent organizations<br />
  6. 6. Multiple Levels of Assurance (LOA)<br />Pseudonomity - MickyMouse123<br />Verified identities - John D. Smyth<br />Verified claims - City or state of residence, age, etc.<br />
  7. 7. Third-party identity Mgmt.<br />Address the need for Internet-scale digital identity management<br />Solves the problem by using a third party to assist end-users in identity transactions<br />Called an “identity service provider” (also “identity provider”, “IdP”, “IP”)<br />This sets up a “trust triangle” for Internet identity transactions<br />7<br />
  8. 8. 8<br />relyingparty<br />identityserviceprovider<br />Optional direct trust agreement<br />Terms of Service (TOS) agreement<br />Terms of Service (TOS) agreement<br />user<br />The “trust triangle”<br />
  9. 9. Open Identity Framework Model<br />9<br />Trust Community<br />Trust Community<br />Trust Community<br />1<br />1<br />1<br />relyingparties<br />Identityserviceproviders<br />Trust Framework Provider<br />3<br />2<br />4<br />5<br />assessors& auditors<br />disputeresolvers<br />Trust framework agreements<br />TOS agreements<br />user<br />
  10. 10. Initiatives<br />Gov standards <br />Certifying process for gov standards<br />Market for certifying to gov standards<br />IdP market<br />Enabling infrastructure technology <br />Meta Data for Federated Interoperability<br />RP adoption<br />Privacy<br />
  11. 11. Since Last Gov 2.0<br /><ul><li>GSA finalized TFPAP
  12. 12. Open Identity Exchange (OIX) formed
  13. 13. Kantara and OIX certified to certify IdPs to GSA schemas
  14. 14. IdP’s certified (Google, Yahoo, PayPal, Equifax VeriSign)
  15. 15. NIH in production at NLM with PubMed site
  16. 16. More Pilots in process
  17. 17. Various interops at RSA and Catalyst
  18. 18. FI-WG for meta data automation
  19. 19. Input to NS-SOT, now NSTIC</li></li></ul><li>www.Idmanagement.Gov<br />
  20. 20. PubMedhttp://www.ncbi.nlm.nih.gov/pubmed<br />
  21. 21. US GSA Demonstration<br /><ul><li>Equifax issued Information Cards, powered by Azigo CardPress
  22. 22. Azigo Selector
  23. 23. Demo version of recovery.gov Drupal site with PamelaWare Drupal plugin</li></li></ul><li>Next Challenges<br />More higher LOA certifiers<br />Higher LOA credentials and business models<br />More work on meta data interoperability<br />Roll out more pilots<br />Continued interop feedback to enabling software providers<br />Attribute claims<br />
  24. 24. Thank You<br />mary@meristic.com<br />

×