Progress Toward an Identity Ecosystem
Sorry for the late post on this item from March, but it’s important to the future of the internet, and identity management. (hey, read the white paper below before you start chanting “One sign-on to rule them all and in the darkness…”)
The National Institute of Standards and Technology met its March 16 deadline to produce baseline requirements for its Identity Ecosystem Framework (IDEF), the bedrock document aimed at revving up a move to more secure credentials that are interoperable across the Internet and a big advance toward the holy grail of a single, Internetwide sign-on for individuals.
The first version of the IDEF will be launched sometime this summer. By defining the overall set of interoperability standards, risk models, privacy and liability policies needed to fully describe an identity-based ecosystem, both government and private organizations will be able to see how their identity efforts match up to the IDEF requirements.
The IDEF springs from the Obama administration’s National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative, which was launched in 2011. The intent was for the government, through NIST, to bring together the private sector, advocacy groups and government agencies to create an environment that replaces the current one, which uses many different kinds of authentication to access online services,