IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

Slides:

Advertisements

Similar presentations

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

Advertisements

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

KEITH CANTANDO, CBCP CORPORATE SECURITY - PROGRAMS PROGRESS ENERGY PS-Prep (DHS – Voluntary Private Sector Preparedness Accreditation.

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state October.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.

Functional component terminology - thoughts C. Tilton.

Proposed Workflow IDESG Self-Assessment and Attestation Program For TFP’s Discussion Deck TFTM Committee 09/23/

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

SEM Planning Model.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan,

Purpose of the Standards

The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.

State of Kansas Statewide Financial Management System Pre-Implementation Project Steering Committee Meeting January 11, 2008.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.

Functional Model Workstream 1: Functional Element Development.

Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.

NSTIC ID Ecosystem A Conceptual Model v03 Andrew Hughes October October IDESG Version 1.

Identifying the Baseline IDESG Security Committee Discussion 10/23/

THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.

Requirements Development & Template Presentation to All Chairs 8/12/2014.

Audit objectives, Planning The Audit

1 National Strategy for Trusted Identities in Cyberspace Identity in Cyberspace: Improving Trust via Public-Private Partnerships Jeremy Grant Senior Executive.

Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.

HIT Policy Committee Nationwide Health Information Network Governance Workgroup Recommendations Accepted by the HITPC on 12/13/10 Nationwide Health Information.

TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.

A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state November.

TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.

Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.

State Alliance for e-Health Conference Meeting January 26, 2007.

Cyber Authentication Renewal Project Executive Overview June – minute Brief.

1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.

Draft – discussion only Content Standards WG (Documents and Data) Proposed HITSC Workgroup Evolution 1 Architecture, Services & APIs WG Transport and Security.

COMPDIRS NATHAN DORS APRIL 16, AGENDA  IAM – who we are, what we do  HRP Modernization & Workday  What’s new in IAM?  Identity.UW soft.

DRAFT – For Discussion Only HHSC IT Governance Executive Briefing Materials DRAFT April 2013.

Identity Ecosystem Framework and Charter Gap Analysis.

MC Sub-Committee for Workplanning: Recommendations Report Chair/presenter: Paul Laurent.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.

E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.

Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.

STANDARDS COORDINATION COMMITTEE PLENARY BREAKOUT 18 SEPTEMBER 2014 Interoperability Requirements.

Name Position Organisation Date. What is data integration? Dataset A Dataset B Integrated dataset Education data + EMPLOYMENT data = understanding education.

JOINING UP GOVERNMENTS EUROPEAN COMMISSION Establishing a European Union Location Framework.

ONC’s Proposed Strategy on Governance for the Nationwide Health Information Network Following Public Comments on RFI HIT Standards Committee Meeting September.

OPTIONS AND REQUIREMENTS FOR ENGAGEMENT OF CIVIL SOCIETY IN GEF PROJECTS presented by Ermath Harrington GEF Regional Focal Point.

Cloud Computing, Policy Management and Standardization Europe Identity Conference 2011 John Sabo, Director Global Government Relations, CA Technologies.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

NSTIC and the Identity Ecosystem Jim Sheire Senior Advisor NSTIC National Program Office, NIST 14 November 2012.

Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

Virginia Office of Public-Private Partnerships (VAP3) Adopted Public-Private Transportation Act (PPTA) enabling legislation in 1995 Public-Private Education.

Project Discovery – Monday Holyoke 561 Most updates will only have 30 minutes maximum for their presentations. At least 10 minutes should be left for Q&A.

The Value of Creating the Identity Ecosystem. The Identity Ecosystem Steering Group (IDESG) is the source of expertise, guidance, best practices and tools.

19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.

IAM VISION OUR CREATIVE INSPIRATION IAM STRATEGY & ROADMAP TEAM JUNE 3, 2015.

FROM PRINCIPLE TO PRACTICE: Implementing the Principles for Digital Development Perspectives and Recommendations from the Practitioner Community.

The NIST Special Publications for Security Management By: Waylon Coulter.

Progress Report on the U.S. NSTIC Efforts Jack Suess – Delegate for Research, Development, Education & Innovation

Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.

Standards Development for Climate Change  Consensus reached between UNFCCC & ISO that internationally accepted standards will be promoted globally  Include.

The International Professional Practices Framework

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

Update from the Faster Payments Task Force

Higher Education’s Role in the Identity Ecosystem

Presentation transcript:

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

Why should the Management Council develop goals & workplans for IDESG? (1) “The Management Council shall provide guidance to the Plenary on the broad objectives envisioned by the NSTIC, produce work-plans to prioritize work items and monitor progress, ensure that Steering Group work activities align with the NSTIC Guiding Principles, and shall have overall administrative and fiduciary responsibility for the IDESG.” – Rules of Association (2) “What gets measured, gets done” – Peter Drucker

Foundation of our goals & workplans Origins of NSTIC NSTIC itself Pre-IDESG proposals from NSTIC NPO IDESG member proposals (charters) IDESG plenary deliberations (this week)

Cybersecurity Policy Review, 2009 “Build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the Nation.” – Near-Term Action Plan #10 “Implement, for high-value activities (e.g., the Smart Grid), an opt-in array of interoperable identity management systems to build trust for online transactions and to enhance privacy” – Mid-Term Action Plan #13

CSIS Cybersecurity Update, Jan-2011 “The biggest challenge for the NSTIC and its new NPO will be to increase incentives for people to use online authentication.” Source = Key Areas for Progress #6, Improve authentication of identity for critical infrastructure

NSTIC Vision & Principles, April-2011 “Individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.” Identity Solutions will be: Privacy-enhancing and voluntary Secure and resilient Interoperable Cost-effective and easy to use

NSTIC Goals & Objectives, 2011 (1 of 4) (1) Develop a comprehensive Identity Ecosystem Framework 1.Establish improved privacy protection mechanisms 2.Establish comprehensive identification and authentication standards based on defined risk models 3.Define participant responsibilities in the Identity Ecosystem and establish mechanisms to provide accountability 4.Establish a steering group to administer the standards development and accreditation process for the Identity Ecosystem Framework

(2) Build and implement the Identity Ecosystem 1.Implement the private-sector elements of the Identity Ecosystem 2.Implement the state, local, tribal and territorial government elements of the Identity Ecosystem 3.Implement the Federal Government elements of the Identity Ecosystem 4.Promote the development of interoperable solutions to implement the Identity Ecosystem Framework NSTIC Goals & Objectives, 2011 (2 of 4)

(3) Enhance confidence and willingness to participate in the Identity Ecosystem 1.Provide awareness and education to enable informed decisions. 2.Identify other means to drive widespread adoption of the Identity Ecosystem NSTIC Goals & Objectives, 2011 (3 of 4)

(4) Ensure the long-term success and sustainability of the Identity Ecosystem 1.Drive innovation through aggressive science and technology (S&T) and research and development (R&D) efforts 2.Integrate the Identity Ecosystem internationally NSTIC Goals & Objectives, 2011 (4 of 4)

NSTIC Benchmarks, (1 of 5) Subjects (people or NPE*) have the ability to choose trusted digital identities: – for personal or business use; – between at least two identity credential and media types; and – that are usable across multiple sectors *NPE = Non-Person Entity

NSTIC Benchmarks, (2 of 5) There exists a growing marketplace of both trustmarked, private-sector identity providers at different levels of assurance and private-sector relying parties that accept trustmarked credentials at different levels of assurance. This relying party population is not confined to just one or two sectors.

NSTIC Benchmarks, (3 of 5) Trustmarked attribute providers are available to assert validated attributes. Services available include the ability to assert validated attributes without providing uniquely identifiable information.

NSTIC Benchmarks, (4 of 5) The number of enrolled identities in the Identity Ecosystem is growing at a significant rate, and the number of authentication transactions in the Identity Ecosystem is growing at least at the same rate.

NSTIC Benchmarks, (5 of 5) Building upon FICAM, all online Federal Executive Branch services are aligned appropriately with the Identity Ecosystem and, where appropriate, accept identities and credentials from at least one of the trustmarked private-sector identity providers.

NSTIC Benchmarks (2021) All implementation actions are complete, and all required policies, processes, tools, and technologies are in place and continuing to evolve to support the Identity Ecosystem. A majority of relying parties are choosing to be part of the Identity Ecosystem. A majority of U.S. Internet users regularly engage in transactions verified through the Identity Ecosystem. A majority of online transactions are happening within the Identity Ecosystem. A sustainable market exists for Identity Ecosystem identity and attribute service providers.

NPO Proposed Workplan, 2012 (1 of 4) Workstream #1 – Establish Identity Ecosystem Steering Group Infrastructure, by Q Steering Group Foundational Document Ratification 2.Steering Group Organizational Structure Established 3.Establish Steering Group Operational Structure

NPO Proposed Workplan, 2012 (2 of 4) Workstream #2 – Develop Identity Ecosystem Framework, not sooner than Q Complete Analysis of Current Ecosystems and Trust Frameworks 2.Complete Analysis of Current Standards 3.Complete Development of the Identity Ecosystem Framework Model 4.Establish Strategies for Identity Ecosystem Implementation and Expansion

NPO Proposed Workplan, 2012 (3 of 4) Workstream #3 – Develop Identity Ecosystem Accreditation Program, not sooner than Q Complete analysis of current accreditation programs and design an Identity Ecosystem accreditation program

NPO Proposed Workplan, 2012 (4 of 4) Workstream #4 – Establish Identity Ecosystem Business and Sustainment Model, not sooner than Q Complete analysis of current business models 2.Develop viable Steering Group business model 3.Establish the Identity Ecosystem Steering Group as an independent legal entity

IDESG Workplan, as of Q [1] Source: Step #1 – Members Propose the work to be done (via Committee Charters) [1] Step #2 – The Plenary prioritizes work items & approves Committee Charters Phoenix) Step #3 – The Management Council develops IDESG Workplan (based on NSTIC goals and plenary output) 1.International Coordination 2.Communications 3.Healthcare 4.Trust Frameworks 5.Financial 6.Security 7.Liability & Contract 8.Accreditation & Certification 9.Privacy 10.Policy 11.Standards Coordination 12.Usability ? ?

Final thought… let’s be SMART S=SpecificWhat: What do I want to accomplish? Why: Specific reasons, purpose or benefits of accomplishing the goal. Who: Who is involved? Where: Identify a location. Which: Identify requirements and constraints. M=MeasurableHow much?, How many? How will I know when it is accomplished? A=AttainableHow can the goal be accomplished? R=RelevantDoes this seem worthwhile? Is this the right time? Does this match our other efforts/needs? Are you the right person? Is this acceptable for correction? T=TimelyWhen? What can we do 6 months from now, 12 months from now? What can we do today? Source =

Q&A