Mission statement – the only industry org to have privacy and identity in scope, the only larger org to maintain a ‘commons’ community low/no barriers to participation and still survive financially.
Kantara is comprised of 3 separate entities to address 3 different legislative tax areas: industry consortium community development, charity public good grant funding, and Europe. Kantara differentiates from other consortia variously, not least in its steadfast hold to the principles of openness, fairness and balance, to allow individual & small business contributions, international reach, and combined security-privacy scope. Kantara uniquely scopes-in personal data privacy with digital identity, which while critical, Kantara views as a particular instance of personal data enrollment and data exchange. Kantara’s business model relies on Board & corporate membership & sponsorship to sustain the low/no cost community development & publishing, while monetizing the Trust Framework and the R&D grant funding facilitation. ForgeRock currently holds the Presidency – a mix of large & medium sized personal data focused orgs. Kantara’s incubation of ID Pro, the digital identity professionals association, exemplifies its mission and altruistic ethos. Kantara absorbed the assets of the public-private US identity ecosystem organisation, the IDentity Ecosystem Steering Group (IDESG) The geographic location & scope of the Liaisons nicely complement Kantara’s international scope via membership, trust framework operations and R&D programs. Liaisons shown here: https://kantarainitiative.org/about/liaisons/ ISO, ITU-T and ITAC are exceptions since the nature of these liaisons is expert contribution to standards and policy development. https://kantarainitiative.org/about/liaisons/
Kantara attracts international membership, with each of these lines of corporate logos representing at least 4 different countries. >50% of Kantara’s members are non US. The appearance of international Research and Education federations amongst Kantara’s members is because they consider it the only ‘safe haven’ for their engagement. Some organizations previously indicated a preference for their logo not to be displayed. See the full membership list here: https://kantarainitiative.org/members/ Kantara community working groups allow non member participants to contribute. X10 is an approximation given that the number constantly changes, ranging from 100 and an email list of 1350.
Organizations wishing to contribute to and influence International standards organizations can use Kantara’s Liaisons as a direct channel or a supporting parallel channel to access these consortia. Organizations wishing to pursue their Corporate Social Responsibility objectives can do so through Kantara.
We need to have a version of this presentation with the Video embedded and one without. Also the video file separate, so I can play direct from the file itself and not inside a presentation.
The current org chart showing the bi-cameral structure, with the Leadership Council largely autonomous in its oversight of the community working & discussion groups.
Kantara’s ‘rhythm’ is typically a recurring cadence of 3 activities in a circular cycle; new ideas socialized and nurtured, some of those developed further into artefacts, and some of those operated as monetized programs. Examples are the Trust Framework Operations and Assurance program and the Kantara Identity & Privacy Incubator (KIPI) program. External initiatives and projects can and do arrive at any stage in the cycle, to add to Kantara’s self-generated efforts. The Leadership Council operates largely autonomously of the Board to oversee and operate the community Groups. The Leadership Council (currently Chaired by Canadian Andrew Hughes) comprises the Officers of each Working Group that primarily focusses on the development and delivery of artefacts from the Working and Discussion Groups.
The UMA specification is an open specification for federated delegation and authorization, designed as an extension to the open standard OAuth 2.0, developed in Kantara’s open-consensus based environment to give a user a unified control point for authorizing who can access their online personal data. The Consent Receipt is an open specification developed in Kantara’s open consensus-based environment and led by Canadian and UK experts. Enjoying rapid adoption since incorporation into ISO 29184. Kantara has been an authorized Trust Framework Operator to the US Federal Government’s GSA FICAM Trust Framework Solutions (TFS) program since 2010, where it assesses and approves Identity and Credential Service Providers that deliver authenticated identities to US agency citizen facing digital services. It has used its own scheme profiled from the US government’s mandated NIST SP 800-63-2, and more recently 63-3 guidelines. From late 2017, NIST has encouraged Kantara to support greater interoperability between jurisdiction schemes, and it remains active on Kantara’s roadmap awaiting funding to develop it. The transition of IDESG’s assets to Kantara, adds IDESG’s IDEF self attestation scheme to Kantara’s own existing 3rd party schemes with a UK created scheme being readied. Kantara is receiving increased enquiries from both private and public sectors to operate their schemes on their behalf (i.e. their requirements, their assessment rules, their Trust Marks strap-lined with Kantara to reflect the collaboration) outsourced to Kantara to operate and govern, because of Kantara’s enviable reputation in this artform.
The current status of the Assurance program – assessors and credential service providers.
Examples of deployers of Kantara’s specifications
Kantara Europe’s relationships with other fora in Europe.
Kantar Europe’s role in the H2020 grant funded project NGI_Trust
Kantara has evolved towards an approach based on 3’s. So it is not surprising that its slogan is comprised of 3 action verbs; Nurture – Develop – Operate. Kantara Members have a wealth of experience: Identity Assurance, Privacy, Policy and Information Systems Assessment. We’re here to help your community ensure Federated Identity, Access and Personal Data systems are verified for trust, privacy and best practice.