1.
Trust Frameworks:Shaping the future of Digital IdentityJoni Brennan, Executive Director2013

2.
Problem2012 2Kantara Initiative - Trust Frameworks: A Global Context• Inefficient• Does not scale• Poor high risk solution

3.
3Kantara Initiative: OverviewValuesKantara Initiative - Trust Frameworks: A Global ContextOrganizations, Industry andGovernments join Kantarabecause we value:• TrustOperating Accreditation, Approvaland Certification programs• PrivacyDeveloping privacy respectingsolutions.• SecurityDeveloping high security solutionsand practices• CommunityBridging technology and policyrequirementsTrustees:Trustees At-Large:• Government of Canada• Trans-European ResearchEducation Networking Association

4.
4Kantara Initiative: OverviewStatsKantara Initiative - Trust Frameworks: A Global Context50+ Members Approved CSPs100’s of Participants Accredited Assessors

5.
5Kantara Initiative: OverviewFederation, Compliance, and InteroperabilityKantara Initiative - Trust Frameworks: A Global ContextMembers join Kantara because webuild trust and harmonization bydeveloping compliance criteria basedon requirements of end-users, relyingparties and identity providers.Organizations become APPROVEDbecause we operate complianceprograms for multiple solutions thatfit a variety of requirements andjurisdictions.Kantara Builds Bridges*Non-Profit 501c6

6.
6Kantara Initiative: OverviewGovernance ModelKantara Initiative - Trust Frameworks: A Global ContextAssuranceReview BoardInteroperabilityReview BoardOperates ComplianceProgramsLeadershipCouncilConsists of: Workand DiscussionGroupLeadershipDevelops Requirementsand PracticesBoard of Trustees

7.
Kantara Initiative: OverviewWork and Discussion GroupsJURISDICTIONPOLICY/TECHKANTARA INITIATIVE WORK AND DISCUSSION GROUPSUSER-FOCUSEDISWGUMAWGConsumerID• (BCTF) Business Cases for TrustedFederations• (Consumer ID) Consumer Identity• (eGov) eGovernment• (FI) Federation Interoperability• (HIA) Heath Identity Assurance• (IA) Identity Assurance• (IS) Information Sharing• (Japan) Japan• (P3) Privacy and Public Policy• (Telco ID) Telecommunication Identification• (UMA) User Managed Access• (CBP) Cloud Identity Best Practices• (AIM) Attributes In MotionWORK & DISCUSSION GROUP ACRONYMS:Kantara Initiative - Trust Frameworks: A Global Context 7ISWGHIAWG P3WGeGovWGIAWGAMDGHIAWGTELCO IDeGovWGJAPANCIBP AIM

8.
8Kantara Initiative: OverviewLiaisons and GovernmentsKantara Initiative - Trust Frameworks: A Global Context• ISO: 29115, 29100, 29191, 27001, 27002, etc• ITU-T: X.1254 (was X.EAA), OITF• OASIS: eGovernment, SAML SSTC, PMRM, etc• OECD Internet Technical Advisory Committee (ITAC)• Governments (Canada, UK, US, Sweden)• Developing UK/US cross recognition approach (extending country bycountry)• Providing neutral forum for Government Programs and Agencies to shareinformation and identify common goals• Performing confidential and non-confidential program reviews upon requestfor specific international governments and government agencies

9.
9Kantara Initiative: OverviewNational / International InitiativesKantara Initiative - Trust Frameworks: A Global Context• US FICAM• Only cross-vertical LoA 1-3 non-crypto Approved Trust Framework Provider• US NSTIC• Kantara Identity Assurance Framework – Service Assessment Criteria• Ecosystem of Assessors• AuthN >> moving toward Attribute Assurance• UK IDAP• Cross Jurisdiction recognition• EUSTIC• Kantara supporting as media sponsor and relevance to Kantara initiatives• SWEDEN E-legitimation• Kantara IAF referenced in emerging program toward municipality policy/tech interop

10.
Federation and Trust FrameworksBased on Levels of Assurance : Illustrated10Kantara Initiative - Trust Frameworks: A Global Context

11.
Federation and Trust FrameworksWhat does Federation look like?11Kantara Initiative - Trust Frameworks: A Global ContextIdentityProviderServiceProviderTrustBANKINSURANCECOMPANYAuthenticationServiceAccess

12.
Kantara Trust Framework:Component Services12Kantara Initiative - Trust Frameworks: A Global ContextCredentialServiceProviderIdentityProofing /VerificationOrganizationalTrustCredentialIssuance /ManagementResponding to industryexperts Kantaramembers create path tocomponent servicerecognition.Component Services:• Identity Proofing /Verification• Credential Issuanceand Management

13.
Kantara Accreditation and Approval:Developing Trust Framework Profiles2012 13Kantara Initiative - Trust Frameworks: A Global ContextCore FrameworkCommon, Well-VettedFoundationTechnical ProfileSpecific TechnicalDeployment RulesPrivacy ProfileSpecific Policy / RegulationRulesIndustry ProfileSpecific Industry BasedConsiderations / RulesJurisdiction ProfileSpecific Policy / RegulationRules

14.
14Kantara Initiative: OverviewWhat does a Trust Framework look like?Kantara Initiative - Trust Frameworks: A Global ContextTrustInputRequirementsin to KantaraKantara andend-userstakeholdersdevelop criteriafor assessmentKantaraAccreditedAssessorsperformassessmentsRelying Parties&End-UsersCriteria for IdP /CSP Assessmentto verify Trust

15.
15Trust Framework ModelKantara Initiative - Trust Frameworks: A Global ContextRegistrationVerificationAssessmentCertificationProcessTrust StatusListing ServiceInterestedPartiesTrust Status Listing Service,Registry, White List

16.
Identity Assurance Framework:Documents16Kantara Initiative - Trust Frameworks: A Global ContextIAF 1000 - OverviewOverview of of the IAF documents and structureIAF 1100 - GlossaryGlossary of terms used in the IAF documentsIAF 1200 – Levels of AssuranceOverview in detail of the Levels of AssuranceIAF 1300 – Assurance Assessment SchemeProcess of how the Assurance Program operatesIAF 1400 – Service Assessment CriteriaCriteria that a Service will need to provide compliance to forService Approval at the different Levels of AssuranceIAF 1600 – Assessor Qualifications and RequirementsQualifications that an Assessor must prove to becomeAccredited to perform IAF assessmentsNote: a Trust Frameworkmay apply specific profilesfor specific Technologyand Privacy Constraintsused to achieve Levels ofAssurance

17.
17Kantara Trust Framework:StructureKantara Initiative - Trust Frameworks: A Global ContextBoard ofTrusteesTrust StatusPublished to:AssuranceAssessmentScheme(AAS)AssessorQualifications &Requirements(AQR)ServiceAssessmentCriteria(SAC)Core IAF Document SetIdentity AssuranceFramework (IAF) Complete Set of IAF DocumentsIdentity AssuranceWork Group (IAWG)Manages the Set of IAF DocumentsAssurance ReviewBoard (ARB)Reviews & Verifies External Assessment

18.
Kantara Trust Framework:Accredited Assessors and Approved CSPsKantara Accredited to LoA 1-418Kantara Initiative - Trust Frameworks: A Global ContextKantara Approved to LoA 3 non-crpytoVerizon Universal Identity Service (VUIS)** ICAM Trust Framework ApprovalIDPV Component RecognitionNorton Credential Service Provider*ICAM Trust Framework Approval (Conditional)Registered Applicant

19.
Shaping the Future of Digital Identity• @kantaranews• kantarainitiative.org• kantarainitiative.org/listinfo/community• bit.ly/Kantara_Assurance• kantarainitiative.org/membership/19Kantara Initiative - Trust Frameworks: A Global Context

20.
Thanks!Questions?•Kantara Executive Director: Joni Brennan joni@kantarainitiative.org•General Inquiries: support@kantarainitiative.org