Trust Frameworks Explained (in 20 minutes or less)
Andrew Hughes [email protected]
KantaraInitiative.org
WHAT IS A DIGITAL IDENTITY TRUST FRAMEWORK?
Explaining Digital Trust Frameworks in 20 minutes or less
Fun and Exciting!
Current Work
• Creating a Pan-Canadian Trust Framework for the Digital Identification & Authentication Council of Canada (DIACC)
• Stakeholders include: federal & provincial governments; financial institutions; telecom providers; credit bureaus; identity networks / hubs; credential managers, others
• Wildly divergent needs, expectations and operational modes
What is a Digital Identity Trust Framework?
“Digital Identity”
• Identity: A reference or designation used to distinguish a unique and particular individual, organization or device.
• Trusted Digital Identity: ‘a trusted electronic representation of who I am.’
“Framework”
• Digital Identity Trust Frameworks define the ‘rules of the road’ for interactions between organizations when handling identity, authentication and authorization. Often, these Frameworks form the basis of agreements and contracts.
Functions the DIACC Framework covers
• Person Identity Proofing (Registration Authorities)
• Credential Management
• Authorization policy (PDP)
• Access control (PEP)
• Authentication of Credentials (Verifier)
• Establishment of government authoritative identity records
WHY USE A DIGITAL IDENTITY TRUST FRAMEWORK?
A reason for a framework?
To make negotiating agreements easier
Reasons for Frameworks
• STANDARDIZATION of identity, authentication & access control processes and technologies within a trust community
• LESSEN BURDEN by amalgamating published standards to reduce burden of adopters to know all the standards
• Framework Profile creation process captures community-specific details, regulated requirements – GOVERNED by a designated body
• Assessment & conformance approach will acknowledge and use PRIOR USE and certifications
How?
Framework
Contracts and Agreements
Standards, Regulations, Laws
Framework Profile
Some Details
Digital Trust Framework Elements
• Roles & Responsibilities
• Business functions & Expected Processes
• Processes & Criteria (proof of ‘sameness’ and ‘equivalency’)
• Library of Profiles
Tools and Rules
• Technical protocols
• Software / servers
• Cryptography
• Communication protocols
• Standards
• Policies for proof of identity; ‘Levels’ of certainty
• Privacy policy
• Operations practices
• Designated authorities
The Future Possibilities
• Model contract clauses
• Automation for contracts
• Addition of new roles, responsibilities, business functions
• Build a library of framework profiles
Now what?
Join us in innovating and verifying trusted identity solutions for the world
Kantara Initiative members include global experts from industry and government in the fields:
• Identity assurance
• Privacy
• Security
• Policy
• Information systems assessment
Join. Innovate. Trust.
Visit: KantaraInitiative.org
General Inquiries: [email protected]