By John Kincaide, Privacy and Security Policy Attorney at Intel
In April 2011 the National Strategies for Trusted Identities in Cyberspace (NSTIC) National Program Office (NPO) released President Obama’s identity strategy at the U.S Chamber of Commerce in Washington, D.C. The President’s identity strategy promoted enhancements in consumer choice, efficiency, security and privacy in online transactions. Specifically the strategy called for the creation of an enhanced identity ecosystem using four “guiding principles”; the identity ecosystem must be 1) privacy-enhancing and voluntary 2) secure and resilient 3) interoperable and 4) cost-effective and easy to use. The President called for the implementation of this new identity ecosystem by 2016.
In August 2012 the Identity Ecosystem Steering Group (IDESG) was formed to drive the development of the proposed identity ecosystem. The IDESG is a voluntary, public-private partnership built around the NSTIC and is dedicated to redefining how people and organizations identify themselves online, by driving the creation of privacy-enhancing trusted digital identities. Participants in the IDESG include consumers, educational institutions, online businesses, technology companies and government agencies.
On October 20, 2015 the IDESG publically released the Identity Ecosystem Framework (IDEF) Version 1 (v.1). The IDEF v.1 is a policy foundation for the Identity Ecosystem and the IDESG’s first step toward achieving NSTIC’s vision of widespread, trusted identity exchanges using federated methods that are secure, interoperable, privacy-enhancing and easy to use. The framework establishes newly developed ‘rules of the road’ for consumers, companies, government agencies, and other organizations to navigate the constantly evolving landscape of the Identity Ecosystem.
The IDEF is a significant milestone for the IDESG. The IDEF identifies and describes common operations, functions, roles, and activities applicable to the broadest set of Identity Ecosystem use cases possible. The IDEF’s primary purpose is to provide a consistent model to focus descriptions of identity solutions. In addition the IDEF will be used to support other important IDESG work including the development of IDESG requirements and best practices, highlighting common technical and policy considerations for interoperability, setting conditions for mutual recognition of existing trust frameworks/federations, and driving consistency for service provider descriptions for online activities and interactions.
Since its inception the IDESG has continued to make steady progress toward its goals. Intel is an active participant in the IDESG and supports the IDESG’s vision to enable a robust identity ecosystem which includes strong consumer privacy and security policies and practices while focusing on identity technology interoperability. Please let me know what you think.