SlideShare a Scribd company logo
1 of 20
Download to read offline
Trust Frameworks:
Shaping the future of Digital Identity
Joni Brennan, Executive Director
2013
Problem
2012 2Kantara Initiative - Trust Frameworks: A Global Context
• Inefficient
• Does not scale
• Poor high risk solution
3
Kantara Initiative: Overview
Values
Kantara Initiative - Trust Frameworks: A Global Context
Organizations, Industry and
Governments join Kantara
because we value:
• Trust
Operating Accreditation, Approval
and Certification programs
• Privacy
Developing privacy respecting
solutions.
• Security
Developing high security solutions
and practices
• Community
Bridging technology and policy
requirements
Trustees:
Trustees At-Large:
• Government of Canada
• Trans-European Research
Education Networking Association
4
Kantara Initiative: Overview
Stats
Kantara Initiative - Trust Frameworks: A Global Context
50+ Members Approved CSPs
100’s of Participants Accredited Assessors
5
Kantara Initiative: Overview
Federation, Compliance, and Interoperability
Kantara Initiative - Trust Frameworks: A Global Context
Members join Kantara because we
build trust and harmonization by
developing compliance criteria based
on requirements of end-users, relying
parties and identity providers.
Organizations become APPROVED
because we operate compliance
programs for multiple solutions that
fit a variety of requirements and
jurisdictions.
Kantara Builds Bridges
*Non-Profit 501c6
6
Kantara Initiative: Overview
Governance Model
Kantara Initiative - Trust Frameworks: A Global Context
Assurance
Review Board
Interoperability
Review Board
Operates Compliance
Programs
Leadership
Council
Consists of: Work
and Discussion
Group
Leadership
Develops Requirements
and Practices
Board of Trustees
Kantara Initiative: Overview
Work and Discussion Groups
JURISDICTIONPOLICY/TECH
KANTARA INITIATIVE WORK AND DISCUSSION GROUPS
USER-FOCUSED
ISWG
UMAWG
Consumer
ID
• (BCTF) Business Cases for Trusted
Federations
• (Consumer ID) Consumer Identity
• (eGov) eGovernment
• (FI) Federation Interoperability
• (HIA) Heath Identity Assurance
• (IA) Identity Assurance
• (IS) Information Sharing
• (Japan) Japan
• (P3) Privacy and Public Policy
• (Telco ID) Telecommunication Identification
• (UMA) User Managed Access
• (CBP) Cloud Identity Best Practices
• (AIM) Attributes In Motion
WORK & DISCUSSION GROUP ACRONYMS:
Kantara Initiative - Trust Frameworks: A Global Context 7
ISWG
HIAWG P3WG
eGovWG
IAWG
AMDG
HIAWG
TELCO ID
eGovWG
JAPAN
CIBP AIM
8
Kantara Initiative: Overview
Liaisons and Governments
Kantara Initiative - Trust Frameworks: A Global Context
• ISO: 29115, 29100, 29191, 27001, 27002, etc
• ITU-T: X.1254 (was X.EAA), OITF
• OASIS: eGovernment, SAML SSTC, PMRM, etc
• OECD Internet Technical Advisory Committee (ITAC)
• Governments (Canada, UK, US, Sweden)
• Developing UK/US cross recognition approach (extending country by
country)
• Providing neutral forum for Government Programs and Agencies to share
information and identify common goals
• Performing confidential and non-confidential program reviews upon request
for specific international governments and government agencies
9
Kantara Initiative: Overview
National / International Initiatives
Kantara Initiative - Trust Frameworks: A Global Context
• US FICAM
• Only cross-vertical LoA 1-3 non-crypto Approved Trust Framework Provider
• US NSTIC
• Kantara Identity Assurance Framework – Service Assessment Criteria
• Ecosystem of Assessors
• AuthN >> moving toward Attribute Assurance
• UK IDAP
• Cross Jurisdiction recognition
• EUSTIC
• Kantara supporting as media sponsor and relevance to Kantara initiatives
• SWEDEN E-legitimation
• Kantara IAF referenced in emerging program toward municipality policy/tech interop
Federation and Trust Frameworks
Based on Levels of Assurance : Illustrated
10Kantara Initiative - Trust Frameworks: A Global Context
Federation and Trust Frameworks
What does Federation look like?
11Kantara Initiative - Trust Frameworks: A Global Context
Identity
Provider
Service
Provider
Trust
BANKINSURANCE
COMPANY
Authentication
Service
Access
Kantara Trust Framework:
Component Services
12Kantara Initiative - Trust Frameworks: A Global Context
Credential
Service
Provider
Identity
Proofing /
Verification
Organizational
Trust
Credential
Issuance /
Management
Responding to industry
experts Kantara
members create path to
component service
recognition.
Component Services:
• Identity Proofing /
Verification
• Credential Issuance
and Management
Kantara Accreditation and Approval:
Developing Trust Framework Profiles
2012 13Kantara Initiative - Trust Frameworks: A Global Context
Core Framework
Common, Well-Vetted
Foundation
Technical Profile
Specific Technical
Deployment Rules
Privacy Profile
Specific Policy / Regulation
Rules
Industry Profile
Specific Industry Based
Considerations / Rules
Jurisdiction Profile
Specific Policy / Regulation
Rules
14
Kantara Initiative: Overview
What does a Trust Framework look like?
Kantara Initiative - Trust Frameworks: A Global Context
Trust
Input
Requirements
in to Kantara
Kantara and
end-user
stakeholders
develop criteria
for assessment
Kantara
Accredited
Assessors
perform
assessments
Relying Parties
&
End-Users
Criteria for IdP /
CSP Assessment
to verify Trust
15
Trust Framework Model
Kantara Initiative - Trust Frameworks: A Global Context
Registration
Verification
Assessment
Certification
Process
Trust Status
Listing Service
Interested
Parties
Trust Status Listing Service,
Registry, White List
Identity Assurance Framework:
Documents
16Kantara Initiative - Trust Frameworks: A Global Context
IAF 1000 - Overview
Overview of of the IAF documents and structure
IAF 1100 - Glossary
Glossary of terms used in the IAF documents
IAF 1200 – Levels of Assurance
Overview in detail of the Levels of Assurance
IAF 1300 – Assurance Assessment Scheme
Process of how the Assurance Program operates
IAF 1400 – Service Assessment Criteria
Criteria that a Service will need to provide compliance to for
Service Approval at the different Levels of Assurance
IAF 1600 – Assessor Qualifications and Requirements
Qualifications that an Assessor must prove to become
Accredited to perform IAF assessments
Note: a Trust Framework
may apply specific profiles
for specific Technology
and Privacy Constraints
used to achieve Levels of
Assurance
17
Kantara Trust Framework:
Structure
Kantara Initiative - Trust Frameworks: A Global Context
Board of
Trustees
Trust Status
Published to:
Assurance
Assessment
Scheme
(AAS)
Assessor
Qualifications &
Requirements
(AQR)
Service
Assessment
Criteria
(SAC)
Core IAF Document Set
Identity Assurance
Framework (IAF) Complete Set of IAF Documents
Identity Assurance
Work Group (IAWG)
Manages the Set of IAF Documents
Assurance Review
Board (ARB)
Reviews & Verifies External Assessment
Kantara Trust Framework:
Accredited Assessors and Approved CSPs
Kantara Accredited to LoA 1-4
18Kantara Initiative - Trust Frameworks: A Global Context
Kantara Approved to LoA 3 non-crpyto
Verizon Universal Identity Service (VUIS)*
* ICAM Trust Framework Approval
IDPV Component Recognition
Norton Credential Service Provider
*ICAM Trust Framework Approval (Conditional)
Registered Applicant
Shaping the Future of Digital Identity
• @kantaranews
• kantarainitiative.org
• kantarainitiative.org/listinfo/community
• bit.ly/Kantara_Assurance
• kantarainitiative.org/membership/
19Kantara Initiative - Trust Frameworks: A Global Context
Thanks!
Questions?
•Kantara Executive Director: Joni Brennan joni@kantarainitiative.org
•General Inquiries: support@kantarainitiative.org

More Related Content

Viewers also liked

Romania
Romania Romania
Romania teq
 
Эффективность сайтов и рекламы интернет-магазинов
Эффективность сайтов и рекламы интернет-магазиновЭффективность сайтов и рекламы интернет-магазинов
Эффективность сайтов и рекламы интернет-магазиновТарасов Константин
 
Weldon - Animal Protection Legislation
Weldon - Animal Protection LegislationWeldon - Animal Protection Legislation
Weldon - Animal Protection Legislationanimalrightsadvocates
 
Open Arms (revised) - Adoption General Session
Open Arms (revised) - Adoption General SessionOpen Arms (revised) - Adoption General Session
Open Arms (revised) - Adoption General SessionAndy Lehman
 
RosExpert Career playbook
RosExpert Career playbookRosExpert Career playbook
RosExpert Career playbookFormulaS
 
Closet & storage concepts franchise dealer model 2011
Closet & storage concepts   franchise dealer model 2011Closet & storage concepts   franchise dealer model 2011
Closet & storage concepts franchise dealer model 2011BobLewis
 
Adoption Funding - More than dollars & cents
Adoption Funding - More than dollars & centsAdoption Funding - More than dollars & cents
Adoption Funding - More than dollars & centsAndy Lehman
 
! интересные идеи по работе с клиентами
! интересные идеи по работе с клиентами! интересные идеи по работе с клиентами
! интересные идеи по работе с клиентамиТарасов Константин
 
! правильно и неправльное использование инструментов Seo !!
! правильно и неправльное использование инструментов Seo !!! правильно и неправльное использование инструментов Seo !!
! правильно и неправльное использование инструментов Seo !!Тарасов Константин
 
РИФ 2016, Новые возможности рекламы в Facebook и Instagram
РИФ 2016, Новые возможности рекламы в Facebook и InstagramРИФ 2016, Новые возможности рекламы в Facebook и Instagram
РИФ 2016, Новые возможности рекламы в Facebook и InstagramТарасов Константин
 
员工健康指南
员工健康指南员工健康指南
员工健康指南odmproducts
 
Brush2 berries jeffmarshall
Brush2 berries  jeffmarshallBrush2 berries  jeffmarshall
Brush2 berries jeffmarshallAndy Lehman
 

Viewers also liked (20)

Romania
Romania Romania
Romania
 
Эффективность сайтов и рекламы интернет-магазинов
Эффективность сайтов и рекламы интернет-магазиновЭффективность сайтов и рекламы интернет-магазинов
Эффективность сайтов и рекламы интернет-магазинов
 
2.1. facebook.ads.robert.drysdale
2.1. facebook.ads.robert.drysdale2.1. facebook.ads.robert.drysdale
2.1. facebook.ads.robert.drysdale
 
Weldon - Animal Protection Legislation
Weldon - Animal Protection LegislationWeldon - Animal Protection Legislation
Weldon - Animal Protection Legislation
 
! веб консалтинг !!
! веб консалтинг !!! веб консалтинг !!
! веб консалтинг !!
 
Simultaneous Equation Poster
Simultaneous Equation PosterSimultaneous Equation Poster
Simultaneous Equation Poster
 
Open Arms (revised) - Adoption General Session
Open Arms (revised) - Adoption General SessionOpen Arms (revised) - Adoption General Session
Open Arms (revised) - Adoption General Session
 
RosExpert Career playbook
RosExpert Career playbookRosExpert Career playbook
RosExpert Career playbook
 
Closet & storage concepts franchise dealer model 2011
Closet & storage concepts   franchise dealer model 2011Closet & storage concepts   franchise dealer model 2011
Closet & storage concepts franchise dealer model 2011
 
Adoption Funding - More than dollars & cents
Adoption Funding - More than dollars & centsAdoption Funding - More than dollars & cents
Adoption Funding - More than dollars & cents
 
! интересные идеи по работе с клиентами
! интересные идеи по работе с клиентами! интересные идеи по работе с клиентами
! интересные идеи по работе с клиентами
 
! правильно и неправльное использование инструментов Seo !!
! правильно и неправльное использование инструментов Seo !!! правильно и неправльное использование инструментов Seo !!
! правильно и неправльное использование инструментов Seo !!
 
Canada
CanadaCanada
Canada
 
РИФ 2016, Новые возможности рекламы в Facebook и Instagram
РИФ 2016, Новые возможности рекламы в Facebook и InstagramРИФ 2016, Новые возможности рекламы в Facebook и Instagram
РИФ 2016, Новые возможности рекламы в Facebook и Instagram
 
员工健康指南
员工健康指南员工健康指南
员工健康指南
 
Ready2
Ready2Ready2
Ready2
 
Lesson from geese
Lesson from geeseLesson from geese
Lesson from geese
 
Аудит сайта
Аудит сайтаАудит сайта
Аудит сайта
 
Brush2 berries jeffmarshall
Brush2 berries  jeffmarshallBrush2 berries  jeffmarshall
Brush2 berries jeffmarshall
 
Part 8
Part 8Part 8
Part 8
 

Similar to Kantara Overview June 2013

Kantara a Global Context 2011
Kantara a Global Context 2011Kantara a Global Context 2011
Kantara a Global Context 2011kantarainitiative
 
Credential Transparency Initiative - Orientation for Registry Partners
Credential Transparency Initiative - Orientation for Registry PartnersCredential Transparency Initiative - Orientation for Registry Partners
Credential Transparency Initiative - Orientation for Registry PartnersCredential Engine
 
Kantara Orientation for CARIN Digital ID Summit
Kantara Orientation for CARIN Digital ID SummitKantara Orientation for CARIN Digital ID Summit
Kantara Orientation for CARIN Digital ID SummitNoreen Whysel
 
Credential Transparency Initiative Overview Webinar - November 17, 2015
Credential Transparency Initiative Overview Webinar - November 17, 2015Credential Transparency Initiative Overview Webinar - November 17, 2015
Credential Transparency Initiative Overview Webinar - November 17, 2015Credential Engine
 
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...ValueMomentum
 
Secrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance ProjectsSecrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance ProjectsChristopher Foot
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 
Kantara initiative - AGM 2022
Kantara initiative - AGM 2022Kantara initiative - AGM 2022
Kantara initiative - AGM 2022kantarainitiative
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkTuan Phan
 
2014 07-19 id cloud summit
2014 07-19 id cloud summit2014 07-19 id cloud summit
2014 07-19 id cloud summitCloudIDSummit
 
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...CloudIDSummit
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPScott Baron
 
Allot Real Life Use Cases for Customer Enagagement
Allot Real Life Use Cases for Customer EnagagementAllot Real Life Use Cases for Customer Enagagement
Allot Real Life Use Cases for Customer EnagagementAllot Communications
 
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...
Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...Cynthia Renée Beck, SCPM, MBA
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingPhil Agcaoili
 

Similar to Kantara Overview June 2013 (20)

Kantara a Global Context 2011
Kantara a Global Context 2011Kantara a Global Context 2011
Kantara a Global Context 2011
 
Ki overview-2014
Ki overview-2014Ki overview-2014
Ki overview-2014
 
Kantara Workshop at CIS
Kantara Workshop at CISKantara Workshop at CIS
Kantara Workshop at CIS
 
Credential Transparency Initiative - Orientation for Registry Partners
Credential Transparency Initiative - Orientation for Registry PartnersCredential Transparency Initiative - Orientation for Registry Partners
Credential Transparency Initiative - Orientation for Registry Partners
 
Kantara Orientation for CARIN Digital ID Summit
Kantara Orientation for CARIN Digital ID SummitKantara Orientation for CARIN Digital ID Summit
Kantara Orientation for CARIN Digital ID Summit
 
Credential Transparency Initiative Overview Webinar - November 17, 2015
Credential Transparency Initiative Overview Webinar - November 17, 2015Credential Transparency Initiative Overview Webinar - November 17, 2015
Credential Transparency Initiative Overview Webinar - November 17, 2015
 
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...
Insurers Can Now Update ISO Rating Content Digitally - A webinar presentation...
 
Secrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance ProjectsSecrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance Projects
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15
 
Kantara initiative - AGM 2022
Kantara initiative - AGM 2022Kantara initiative - AGM 2022
Kantara initiative - AGM 2022
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
 
Third Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINALThird Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINAL
 
2014 07-19 id cloud summit
2014 07-19 id cloud summit2014 07-19 id cloud summit
2014 07-19 id cloud summit
 
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...
CIS14: Kantara - Enabling Trusted and Secure Online Access to Government of C...
 
It12015
It12015It12015
It12015
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIP
 
Allot Real Life Use Cases for Customer Enagagement
Allot Real Life Use Cases for Customer EnagagementAllot Real Life Use Cases for Customer Enagagement
Allot Real Life Use Cases for Customer Enagagement
 
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...
Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
 

More from kantarainitiative

2020 Annual General Meeting Executive Summary
2020 Annual General Meeting Executive Summary2020 Annual General Meeting Executive Summary
2020 Annual General Meeting Executive Summarykantarainitiative
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
Kantara uma webinar july 2020
Kantara uma webinar   july 2020Kantara uma webinar   july 2020
Kantara uma webinar july 2020kantarainitiative
 
Kantara orientation april 2020
Kantara orientation april 2020Kantara orientation april 2020
Kantara orientation april 2020kantarainitiative
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)kantarainitiative
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)kantarainitiative
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)kantarainitiative
 
Mobile Device and Attribute Validation (MDAV)
Mobile Device and Attribute Validation (MDAV)Mobile Device and Attribute Validation (MDAV)
Mobile Device and Attribute Validation (MDAV)kantarainitiative
 
Kantara Initiative, Inc in 2016
Kantara Initiative, Inc in 2016 Kantara Initiative, Inc in 2016
Kantara Initiative, Inc in 2016 kantarainitiative
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Updatekantarainitiative
 
Extending the Power of Consent with User-Managed Access & OpenUMA
Extending the Power of Consent with User-Managed Access & OpenUMAExtending the Power of Consent with User-Managed Access & OpenUMA
Extending the Power of Consent with User-Managed Access & OpenUMAkantarainitiative
 
Protecting Personal Data in a IoT Network with UMA
 Protecting Personal Data in a IoT Network with UMA Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAkantarainitiative
 

More from kantarainitiative (20)

2021 Annual General Meeting
2021 Annual General Meeting2021 Annual General Meeting
2021 Annual General Meeting
 
2020 Annual General Meeting Executive Summary
2020 Annual General Meeting Executive Summary2020 Annual General Meeting Executive Summary
2020 Annual General Meeting Executive Summary
 
2020 Annual General Meeting
2020 Annual General Meeting2020 Annual General Meeting
2020 Annual General Meeting
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiative
 
Kantara uma webinar july 2020
Kantara uma webinar   july 2020Kantara uma webinar   july 2020
Kantara uma webinar july 2020
 
Kantara orientation april 2020
Kantara orientation april 2020Kantara orientation april 2020
Kantara orientation april 2020
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
 
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
Kantara Initiative orientation 2019 (incl. 10th Anniversary video)
 
Kantara orientation 2018
Kantara orientation 2018Kantara orientation 2018
Kantara orientation 2018
 
Kantara Overview 2017
Kantara Overview 2017Kantara Overview 2017
Kantara Overview 2017
 
Cloud Identity Summit
Cloud Identity SummitCloud Identity Summit
Cloud Identity Summit
 
Trust Frameworks Explained
Trust Frameworks ExplainedTrust Frameworks Explained
Trust Frameworks Explained
 
Mobile Device and Attribute Validation (MDAV)
Mobile Device and Attribute Validation (MDAV)Mobile Device and Attribute Validation (MDAV)
Mobile Device and Attribute Validation (MDAV)
 
Kantara Initiative, Inc in 2016
Kantara Initiative, Inc in 2016 Kantara Initiative, Inc in 2016
Kantara Initiative, Inc in 2016
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Update
 
Extending the Power of Consent with User-Managed Access & OpenUMA
Extending the Power of Consent with User-Managed Access & OpenUMAExtending the Power of Consent with User-Managed Access & OpenUMA
Extending the Power of Consent with User-Managed Access & OpenUMA
 
The state of uma 2014 11-03
The state of uma 2014 11-03The state of uma 2014 11-03
The state of uma 2014 11-03
 
Laws of relationships v7
Laws of relationships v7Laws of relationships v7
Laws of relationships v7
 
Protecting Personal Data in a IoT Network with UMA
 Protecting Personal Data in a IoT Network with UMA Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMA
 

Recently uploaded

9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 

Recently uploaded (20)

9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 

Kantara Overview June 2013

  • 1. Trust Frameworks: Shaping the future of Digital Identity Joni Brennan, Executive Director 2013
  • 2. Problem 2012 2Kantara Initiative - Trust Frameworks: A Global Context • Inefficient • Does not scale • Poor high risk solution
  • 3. 3 Kantara Initiative: Overview Values Kantara Initiative - Trust Frameworks: A Global Context Organizations, Industry and Governments join Kantara because we value: • Trust Operating Accreditation, Approval and Certification programs • Privacy Developing privacy respecting solutions. • Security Developing high security solutions and practices • Community Bridging technology and policy requirements Trustees: Trustees At-Large: • Government of Canada • Trans-European Research Education Networking Association
  • 4. 4 Kantara Initiative: Overview Stats Kantara Initiative - Trust Frameworks: A Global Context 50+ Members Approved CSPs 100’s of Participants Accredited Assessors
  • 5. 5 Kantara Initiative: Overview Federation, Compliance, and Interoperability Kantara Initiative - Trust Frameworks: A Global Context Members join Kantara because we build trust and harmonization by developing compliance criteria based on requirements of end-users, relying parties and identity providers. Organizations become APPROVED because we operate compliance programs for multiple solutions that fit a variety of requirements and jurisdictions. Kantara Builds Bridges *Non-Profit 501c6
  • 6. 6 Kantara Initiative: Overview Governance Model Kantara Initiative - Trust Frameworks: A Global Context Assurance Review Board Interoperability Review Board Operates Compliance Programs Leadership Council Consists of: Work and Discussion Group Leadership Develops Requirements and Practices Board of Trustees
  • 7. Kantara Initiative: Overview Work and Discussion Groups JURISDICTIONPOLICY/TECH KANTARA INITIATIVE WORK AND DISCUSSION GROUPS USER-FOCUSED ISWG UMAWG Consumer ID • (BCTF) Business Cases for Trusted Federations • (Consumer ID) Consumer Identity • (eGov) eGovernment • (FI) Federation Interoperability • (HIA) Heath Identity Assurance • (IA) Identity Assurance • (IS) Information Sharing • (Japan) Japan • (P3) Privacy and Public Policy • (Telco ID) Telecommunication Identification • (UMA) User Managed Access • (CBP) Cloud Identity Best Practices • (AIM) Attributes In Motion WORK & DISCUSSION GROUP ACRONYMS: Kantara Initiative - Trust Frameworks: A Global Context 7 ISWG HIAWG P3WG eGovWG IAWG AMDG HIAWG TELCO ID eGovWG JAPAN CIBP AIM
  • 8. 8 Kantara Initiative: Overview Liaisons and Governments Kantara Initiative - Trust Frameworks: A Global Context • ISO: 29115, 29100, 29191, 27001, 27002, etc • ITU-T: X.1254 (was X.EAA), OITF • OASIS: eGovernment, SAML SSTC, PMRM, etc • OECD Internet Technical Advisory Committee (ITAC) • Governments (Canada, UK, US, Sweden) • Developing UK/US cross recognition approach (extending country by country) • Providing neutral forum for Government Programs and Agencies to share information and identify common goals • Performing confidential and non-confidential program reviews upon request for specific international governments and government agencies
  • 9. 9 Kantara Initiative: Overview National / International Initiatives Kantara Initiative - Trust Frameworks: A Global Context • US FICAM • Only cross-vertical LoA 1-3 non-crypto Approved Trust Framework Provider • US NSTIC • Kantara Identity Assurance Framework – Service Assessment Criteria • Ecosystem of Assessors • AuthN >> moving toward Attribute Assurance • UK IDAP • Cross Jurisdiction recognition • EUSTIC • Kantara supporting as media sponsor and relevance to Kantara initiatives • SWEDEN E-legitimation • Kantara IAF referenced in emerging program toward municipality policy/tech interop
  • 10. Federation and Trust Frameworks Based on Levels of Assurance : Illustrated 10Kantara Initiative - Trust Frameworks: A Global Context
  • 11. Federation and Trust Frameworks What does Federation look like? 11Kantara Initiative - Trust Frameworks: A Global Context Identity Provider Service Provider Trust BANKINSURANCE COMPANY Authentication Service Access
  • 12. Kantara Trust Framework: Component Services 12Kantara Initiative - Trust Frameworks: A Global Context Credential Service Provider Identity Proofing / Verification Organizational Trust Credential Issuance / Management Responding to industry experts Kantara members create path to component service recognition. Component Services: • Identity Proofing / Verification • Credential Issuance and Management
  • 13. Kantara Accreditation and Approval: Developing Trust Framework Profiles 2012 13Kantara Initiative - Trust Frameworks: A Global Context Core Framework Common, Well-Vetted Foundation Technical Profile Specific Technical Deployment Rules Privacy Profile Specific Policy / Regulation Rules Industry Profile Specific Industry Based Considerations / Rules Jurisdiction Profile Specific Policy / Regulation Rules
  • 14. 14 Kantara Initiative: Overview What does a Trust Framework look like? Kantara Initiative - Trust Frameworks: A Global Context Trust Input Requirements in to Kantara Kantara and end-user stakeholders develop criteria for assessment Kantara Accredited Assessors perform assessments Relying Parties & End-Users Criteria for IdP / CSP Assessment to verify Trust
  • 15. 15 Trust Framework Model Kantara Initiative - Trust Frameworks: A Global Context Registration Verification Assessment Certification Process Trust Status Listing Service Interested Parties Trust Status Listing Service, Registry, White List
  • 16. Identity Assurance Framework: Documents 16Kantara Initiative - Trust Frameworks: A Global Context IAF 1000 - Overview Overview of of the IAF documents and structure IAF 1100 - Glossary Glossary of terms used in the IAF documents IAF 1200 – Levels of Assurance Overview in detail of the Levels of Assurance IAF 1300 – Assurance Assessment Scheme Process of how the Assurance Program operates IAF 1400 – Service Assessment Criteria Criteria that a Service will need to provide compliance to for Service Approval at the different Levels of Assurance IAF 1600 – Assessor Qualifications and Requirements Qualifications that an Assessor must prove to become Accredited to perform IAF assessments Note: a Trust Framework may apply specific profiles for specific Technology and Privacy Constraints used to achieve Levels of Assurance
  • 17. 17 Kantara Trust Framework: Structure Kantara Initiative - Trust Frameworks: A Global Context Board of Trustees Trust Status Published to: Assurance Assessment Scheme (AAS) Assessor Qualifications & Requirements (AQR) Service Assessment Criteria (SAC) Core IAF Document Set Identity Assurance Framework (IAF) Complete Set of IAF Documents Identity Assurance Work Group (IAWG) Manages the Set of IAF Documents Assurance Review Board (ARB) Reviews & Verifies External Assessment
  • 18. Kantara Trust Framework: Accredited Assessors and Approved CSPs Kantara Accredited to LoA 1-4 18Kantara Initiative - Trust Frameworks: A Global Context Kantara Approved to LoA 3 non-crpyto Verizon Universal Identity Service (VUIS)* * ICAM Trust Framework Approval IDPV Component Recognition Norton Credential Service Provider *ICAM Trust Framework Approval (Conditional) Registered Applicant
  • 19. Shaping the Future of Digital Identity • @kantaranews • kantarainitiative.org • kantarainitiative.org/listinfo/community • bit.ly/Kantara_Assurance • kantarainitiative.org/membership/ 19Kantara Initiative - Trust Frameworks: A Global Context
  • 20. Thanks! Questions? •Kantara Executive Director: Joni Brennan joni@kantarainitiative.org •General Inquiries: support@kantarainitiative.org