Identifying the Baseline IDESG Security Committee Discussion 10/23/2014 1.

Slides:

Advertisements

Similar presentations

Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.

Advertisements

IBM Corporate Environmental Affairs and Product Safety

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state October.

Development of a Regional DRM Strategy for the Tourism Sector in the Caribbean Regional Workshop – May 5th, 2009 – Trinidad & Tobago The Sixteen Steps.

This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.

1 Jan 2013 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

TFTM Sub-Committee What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, IDESG TFTM Committee1.

Legal Agreements and Policy Work Group Co-facilitators: Linda Attarian and Jill Moore Dial: Enter room#: * * (don’t forget the asterisks.

1. Guiding Principles 3. Critical Success Factors 2. Delivery Processes 4. Benefits Realisation Strategy Business Management Technology Management Roadmap.

Cross Sector Digital Identity Initiative March 12, 2014 Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Cross Sector Digital.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

The Lumina Center Grantseeking Workshop Series Presents Outcomes & Evaluations April 20, 2006.

N EW Y ORK S TATE O FFICE OF E MERGENCY M ANAGEMENT Director Bill Davis.

OWASP Mobile Top Ten 2015 Data Synthesis and Key Trends Part of the OWASP Mobile Security Group Umbrella Project.

SCC Activities C. Tilton. Standards Are applied to SOMETHING Within some CONTEXT Something = ID Ecosystem Context = Use Cases 2.

Functional Model Workstream 1: Functional Element Development.

NSTIC ID Ecosystem A Conceptual Model v03 Andrew Hughes October October IDESG Version 1.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Requirements Development & Template Presentation to All Chairs 8/12/2014.

Privacy and Security Tiger Team Recommendations Adopted by The Health IT Policy Committee Relevant to Consumer Empowerment May 24, 2013.

July 20, 2007 Healthcare Information Technology Standards Panel Principles for Proper Use of HITSP Interoperability Specifications And Proposal for Proper.

Update on Interoperability Roadmap Comments Sections G, F and E Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

Water Supply Planning Initiative State Water Commission November 22, 2004.

TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.

A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state November.

TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.

The California Health Benefit Exchange: Design Options HBEX Board Meeting Tuesday, September 27, 2011.

Federal Trade Commission required to issue and enforce regulations concerning children’s online privacy. Initial COPPA Rule effective April 21, 2000;

Draft – discussion only Content Standards WG (Documents and Data) Proposed HITSC Workgroup Evolution 1 Architecture, Services & APIs WG Transport and Security.

Identity Ecosystem Framework and Charter Gap Analysis.

IDESG Security Committee Charter Update. Objectives The Security Committee is responsible for defining a Security Model for the Identity Ecosystem Framework.

STANDARDS COORDINATION COMMITTEE PLENARY BREAKOUT 18 SEPTEMBER 2014 Interoperability Requirements.

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

United States Department of Justice Global Security Working Group Update Global Advisory Committee November 2, 2006 Washington, D.C.

Draft GEO Framework, Chapter 6 “Architecture” Architecture Subgroup / Group on Earth Observations Presented by Ivan DeLoatch (US) Subgroup Co-Chair Earth.

ONC’s Proposed Strategy on Governance for the Nationwide Health Information Network Following Public Comments on RFI HIT Standards Committee Meeting September.

Weekly Discussion Guide Functional Model Planning October 31, 2013 Adam Madlin Security Committee.

1 Interim Report of the IWGDD May Overview: Pursuing Goals to Harness the Power of Digital Data for Science and Society The IWGDD recommends that.

HIT Standards Committee Overview and Progress Report March 17, 2010.

Proposed Privacy Taxonomy for IOT Scott Shorter, Electrosoft, These slides are based on work contributed to the IDESG Use Case AHG in January.

Southend Together Secretariat 21 st February Developing Southend Together’s Sustainable Community Strategy

IoT Trust Framework leading to self regulation code of conduct and certification models Craig Spiezle Executive Director & President Online.

NSTIC and the Identity Ecosystem Jim Sheire Senior Advisor NSTIC National Program Office, NIST 14 November 2012.

Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.

CT TEFT 1 November 5, Agenda Introduction Goal of Pilot Tier Piloting Activity to Pilot Role of Connecticut in the pilot Standards and Technologies.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

June California Investor Owned Utilities (IOU) HAN vision statement development 15 June 2007.

Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014.

1 The Privacy Impact Assessment Guidelines Guy Herriges Manager, Information and Privacy Office of the Corporate Chief Strategist, MBS November 2000.

1 Updating the Charging Regulations to Take Account of the Change from Income Support to Universal Credit NAFAO AGM

The Value of Creating the Identity Ecosystem. The Identity Ecosystem Steering Group (IDESG) is the source of expertise, guidance, best practices and tools.

Information Sharing for Integrated Care A 5 Step Blueprint.

Progress Report on the U.S. NSTIC Efforts Jack Suess – Delegate for Research, Development, Education & Innovation

Enterprise Architectures Course Code : CPIS-352 King Abdul Aziz University, Jeddah Saudi Arabia.

A lens to ensure each student successfully completes their educational program in Prince Rupert with a sense of hope, purpose, and control.

Work Plan Work Plan Management (Document 21)

Update from the Faster Payments Task Force

Analytical Summary of Replies to the Questionnaire for Governments

Healthcare Information Technology Standards Panel

Information Sharing for Integrated care A 5 Step Blueprint

Higher Education’s Role in the Identity Ecosystem

Work Plan Management GEO Work Plan Symposium 30 April – 2 May 2012

VERMONT INFORMATION TECHNOLOGY LEADERS

Generate more input for strategic themes

Canada’s Strategy for a Safe and Nutritious Food Supply

DRAFT ISO 10008:2013 Overview Customer satisfaction — Guidelines for business-to-consumer electronic commerce transactions ISO/TC176 TG 01.

Presentation transcript:

Identifying the Baseline IDESG Security Committee Discussion 10/23/2014 1

Objectives Clarify what is meant by “baseline” and how this committee intends to address it… 10/23/20142

Baseline References Requirements Presentation – Requirements are a foundational component of the Identity Ecosystem Framework intended to: define a baseline for participation in the Identity Ecosystem – What is the baseline? Improving the security, privacy, usability, and interoperability of everyday online transactions – What benefits could the everyday consumer see if this baseline was established? (e.g., reduced account compromise through increased use of multifactor authentication; greater user control through notice, consent requirements; etc.) The Strategy (NSTIC): – The Strategy seeks to promote the existing marketplace, encourage new solutions where none exist, and establish a baseline of privacy, security, interoperability, and ease of use that will enable the market to flourish. 10/23/20143

Proposed “Target of Requirements” Identify least “risky” type of transaction that should be “in-scope” and use this as the target of requirements development Baseline requirements are intended to define the proper execution of Identity Ecosystem functions that support transactions: 1.That require authentication; and 2.Where personal information is collected, transmitted, retained, processed, disclosed, and/or disposed of 10/23/20144

Scoping Baseline Requirements 10/23/20145

Baseline Requirements Are not: – An incomplete set of requirements – A stop gap or half measure – A copy and paste effort Should be as complete as possible to achieve security for the defined target Even with self-attestation, IDESG recognition should reflect a service provider is among the “best in market” at following the NSTIC Guiding Principles. 10/23/20146

Next Steps With this target in mind: – Review current requirements, supplemental guidance, and references – Provide feedback and input – Update draft requirements 10/23/20147

Upcoming Milestones Identify recipients for requirements questionnaires (October 29th) Complete draft requirements (October 31st) Develop requirements questionnaires (November 14 th ) Distribute requirements questionnaires (November 17 th ) 10/23/20148

Questions/Discussion? 10/23/20149