Kantara Initiative Identity Assurance Framework Overview and Value Proposition March 8, 2011.

Slides:



Advertisements
Similar presentations
Whos who in the IETF Zoo? Geoff Huston Executive Director, Internet Architecture Board.
Advertisements

ARMENIA: Quality Assurance (QA) and National Qualifications Framework (NQF) Tbilisi Regional Seminar on Quality Management in the Context of National.
Copyright (C) The Open Group 2014 Securing Global IT Supply Chains and IT Products by Working with Open Trusted Technology Provider™ Accredited Companies.
Quality Label and Certification Processes Vienna Summit 11 April 2014 Karima Bourquard Director of Interoperability IHE-Europe.
TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.
MODULE B - PROCESS B1. ASME Organizational Structure B2. Standards Development: Staff and Volunteer Roles and Responsibilities B3. Conformity Assessment:
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
The New TNI Laboratory Accreditation Standards Requirements for an Accreditation Body.
Accreditation 1. Purpose of the Module - To create knowledge and understanding on accreditation system - To build capacity of National Governments/ focal.
Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination.
Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.
IAQG OPMT OP Assessor Training Module 3 Preparing for the Face to Face Training: Instructions & Communication February 2015.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan,
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
External Quality Assessments
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
Joining the Federal Federation: a Campus Perspective Institute for Computer Policy and Law June 29, 2005 Andrea Beesing IT Security Office.
Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.
Identity Relationship Management The Next Evolution of Identity and Access Management for the Internet of Everything.
Assuring Identities in an Open Trust Framework The Identity Assurance Framework Kantara Initiative Presentation to the Kantara Healthcare Identity.
TFTM Interim Trust Mark/Listing Approach Paper Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities.
Independent School Process Agency of Education State Board of Education Presentation March 25, 2014.
Ravi Subramaniam – Technical Director, ICAP 22 September 2012 Geneva, Switzerland IEEE Conformity Assessment Program (ICAP) for SIEPON 22 September
The Open Identity Framework Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)
Conformity Assessment and Accreditation Mike Peet Chief Executive Officer South African National Accreditation System.
Trusted Federated Identity and Access Management to provide the Cornerstone for Cyber Defense.
Standards for Internal Control in the Government Going Green Standards for Internal Control in the Federal Government 1.
TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.
2008 New York - Member Forum Council for Responsible Jewellery Practices, Ltd. Overview of CRJP.
A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.
EXCiPACT TM EXCiPACT TM International Pharmaceutical Excipients Certification Minimize risks – maximize benefits.
5 th Annual Conference on Technology & Standards April 28 – 30, 2008 Hyatt Regency Washington on Capitol Hill
Cyber Authentication Renewal Project Executive Overview June – minute Brief.
QUALITY ASSURANCE AND THE QUALITY SPIRAL. ETQAs + SAQA SAQA NQF.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
© 2005 Global Grid Forum The information contained herein is subject to change without notice Leading the pervasive adoption of grid computing for research.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
Meeting of the TEMPUS DoQuP Project –Workshop on “Documentation for Quality Assurance of Study Programs" 1-6 May 2012, Bishkek, Kyrgyzstan Accreditation.
E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
ISA Setting the Standard for Automation ™ Automation Standards Compliance Institute ISA Security Compliance Institute (ISCI) Prepared by: Andre Ristaino,
OIX initiative, US only? Mapping Swedish Academic Identity Federation 2.0 Policy Framework to Open Identity Exchange (OIX) Trust Framework Provider Assessment.
E-Authentication Overview & Technical Approach Scott Lowery Technical Track Session.
1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Kantara Initiative Privacy Framework Overview and Value Proposition 13 May 2011.
Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)
Deputy Head of Federal Accreditation Service Sergey V. Migin Approximation of accreditation systems of European Union and Russia.
Cloud Industry Forum Code of Practice: Differentiate yourself in a crowded market 27 April 2016, 13:00 GMT Presented by Jason Wyatt (Cloud Industry Forum)
Harmonised use of accreditation for assessing the competence of various Conformity Assessment Bodies Dr Andreas Steinhorst, EA ERA workshop 13 April 2016,
1 David C. Kibbe, MD MBA DirectTrust Collaborating to Build the Security and Trust Framework for Direct Exchange June 20, 2013.
Internal Audit Quality Assessment Guide
Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.
I&S Meeting 26 September 2011 Draft PIA Tool. © 2011 GS1 Agenda Introduction PIA Requirements Background RFID PIA Tool demonstration Next steps for PIA.
E-learning accreditation & networking event
Kantara Workshop and European Plenary
Data and Applications Security Developments and Directions
An Overview of Kantara Initiative, Inc.
Quality Workshop The Local Council Award Scheme is a great guide for good practice in our sector and a way for councils to build confidence in their.
Lockheed Martin Canada’s SMB Mentoring Program
Panel discussion: Organising internal audit system and performing audit engagements Ciaran SPILLANE, Principal Advisor, Internal Audit Service of the.
Global Authentication: Liberty Alliance Identity Assurance Framework
Presentation transcript:

Kantara Initiative Identity Assurance Framework Overview and Value Proposition March 8, 2011

Kantara Initiative Our Value Proposition Identity Assurance Framework Identity Assurance Certification Program Kantara Initiative builds bridges...

Kantara Initiative Identity Assurance Builds Bridges

Kantara Initiative builds bridges... Why Certify against the IAF? A core value of the IAF is the harmonization of existing and evolving identity assurance and trust frameworks — allowing for a single certification to be leveraged across various networks or jurisdictions.

Illustrative Examples: US ICAM BIO-PHARMACEUTICAL FEDERATION FINANCIAL SERVICES NETWORK HIGHER EDUCATION FEDERATION TRUST FRAMEWORK PROVIDER REQ’S CORE CSP REQUIREMENTS CORE REQUIREMENT SET Identity Assurance Framework SAC for AL(n) – {n:1-4} IAF ADOPTIONIAF PROFILES

What are the Real Benefits? Business Agility Cost Savings A Higher Standard - By Certifying against the IAF, an organization proves they immediately satisfy a substantial set of the criteria required by other federated networks. - As Federated networks adopt IAF cost savings will be greater for organizations certified against IAF. - Federation Operators may reduce their cost in defining and maintaining Identity Assurance policies and practices, thus reducing cost for constituents as well. - An organization is able to join other IAF networks faster and more efficiently. - The ability to inter-federate is an added value to each IAF certified service and their respective subscribers. - The IAF is a best of breed cross-industry standard that reflects the best known practices from a substantial cross-section of industry and government. It benefits from a large and deep pool of contributers not available in any single federated network. - Over time IAF will cross-pollenate other networks providing a consistently higher standard for Identity Assurance.

How does the IAF work? The IAF establishes Assurance Levels which reflect the value or the risk of an e-Transaction and helps to mitigate the associated risks. Credential Service Providers are assessed for conformity against strict service orientated criteria which vary in their rigor according to the assurance level selected. We use exclusively Assessors who are Accredited to perform assessments against the IAF Service Assessment Criteria.

The Actors in Kantara’s Identity Assurance Framework: CREDENTIAL SERVICE PROVIDERS ASSESSORS KANTARA INITIATIVE IAF FEDERATION OPERATORS Get accredited by Kantara as an assessor against the IAF 1400 AQR Leverage demonstrable competencies to expedite certification Get assessed by a Kantara Accredited Assessor for IAF certification against the IAF 1500 SACs Submit certification application to Kantara’s Assurance Review Board (ARB) Obtain and maintain compliance and certification Define criteria for identity assurance for their federation Map policy against IAF SAC and IAF profiles Accept or recommend IAF certification to its constituents (IAF 1300) Assurance Assessment Scheme (IAF 1400) Assessor Qualifications & Requirements (IAF 1500) Service Assessment Criteria (IAF 1000) Overview (IAF 1100) Glossary (IAF 1200) Assurance Levels NON-NORMATIVE: NORMATIVE: IDENTITY ASSURANCE FRAMEWORK 2.0 MAP APPROVED APRIL

Board of Trustees Assurance Review Board (ARB) Identity Assurance Work Group (IAWG) Identity Assurance Framework (IAF) Assurance Assessment Scheme (AAS) Assessor Qualifications & Requirements (AQR) Service Assessment Criteria (SAC) The ARB reports its findings and assessments to the Kantara Board of Trustees which produces the Trust Status List. Trust Status List Published by IAF Governance: Core IAF document set As a liaison to the ARB, the IAWG owns and publishes the IAF which the ARB applies in its assessments.

Kantara and OIX Collaborate

JURISDICTIONPOLICY KANTARA INITIATIVE WORK GROUPS USER-FOCUSED HIA WG P3 WG InfoShare eGOV IA WG HIA WG TELCO ID eGOV JAPAN InfoShare UMA Consumer ID ULX Kantara Initiative: Work Groups (BCTFDG) Business Cases for Trusted Federations (Consumer ID) Consumer Identity (eGOV) eGovernment (EUMDG) European Use Case and Market (FIWG) Federation Interoperability (HIAWG) Heath Identity Assurance (IAWG) Identity Assurance (Info Sharing WG) Information Sharing (IOP) Interoperability (JapanWG) Japan (P3WG) Privacy and Public Policy (Telco ID) Telecommunication Identification (ULX) User Login Experience (UMA) User Managed Access WORK & DISCUSSION GROUP ACRONYMS: EUM DG BCTF DG

Kantara Initiative: Assurance and Interoperability Program Work Groups InterOp Review Board (IRB) Certification Demos ASSURANCEINTEROPERABILITY KANTARA INITIATIVE PROGRAMS CERTIFICATION NON- CERTIFICATION Assurance Review Board (ARB) Certification Accreditation eGOV IOP FI WG BCTF DG EUM DG IA WG P3 WG HIA WG InfoShare Japan UMA ULX Consumer ID Telco ID User-Centric, Jurisdiction and Vertical Based (HIAWG) Heath Identity Assurance (IAWG) Identity Assurance (Info Sharing WG) Information Sharing (P3WG) Privacy and Public Policy (BCTFDG) Business Cases for Trusted Federation (eGOV) eGovernment (EUMDG) European Use Case and Market (FIWG) Federation Interoperability (IOP) Interoperability (Consumer ID) Consumer Identity (JapanWG) Japan (Telco ID) Telecommunication Identification (ULX) User Login Experience (UMA) User Managed Access WORK & DISCUSSION GROUP ACRONYMS: HARMONIZATION

Accreditation Process: Auditors and Assessors Work with Staff to resolve issues (typically, this can mean more evidence is req’d) Assessor applies for Accreditation Application accepted? Application withdrawn voluntarily Work with ARB to answer follow-on questions Accreditation Results: Withdraw application or appeal? Appeal Process Accreditation is granted Failed No Yes! Passed or Conditional Board rules against appeal Failed Pass Fail Conditional

Work with Staff to resolve issues IdP / CSP applies for certification Application accepted? Application withdrawn voluntarily Choose an assessor from KI Accredited Assessor List Withdraw application or appeal? Appeal Process Accreditation is granted Failed No Yes! Passed or Conditional Board rules against appeal Failed Negotiate Assessment fees with Assessor Complete Assessment Results: Pass Fail Conditional Certification Process: IdP /CSP

IAWG Road Map: 2011 Q1: Finalize v1.0 of Federation Operator Guidelines Q1: Draft v1.0 SAC Profiling Guidelines Q2: Form Attribute Assurance Charter WG Q2: Form SAC Profile Development WG Q2-3: Defining Trust Framework Architecture Q3-4: Relying Party Guidelines Kantara Initiative builds bridges...

Identity service organizations adopt the IAF as their standard for Identity Assurance Financial sponsorship (through membership and/or directed contributions) be made to support the continued evolution of the IAF and related programs within the Kantara Initiative Certification Program What We Ask?

Website: Community Mail List: Identity Assurance Accreditation and Certification Program: Membership Documents: Get Involved: Join our Community

Accepting applications now! Visit our Assurance Certification Center Connect with Executive Director More Information:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.