SlideShare ist ein Scribd-Unternehmen logo

NSTIC IDESG ID Ecosystem Conceptual Model v02

Andrew Hughes
Andrew Hughes

A conceptual model of the nascent NSTIC ID Ecosystem. A proposal that the concept of Online Community is centred on the interaction between provider and consumer of online services, supported by Identity Service providers.

BusinessTechnologie
1 von 33
NSTIC ID Ecosystem A Conceptual Model v02 Andrew Hughes September 2013 AndrewHughes3000@gmail.com - September 2013 1
This slide deck was created September 2013 by Andrew Hughes – please contact for more information or comments. This deck builds upon material in the presentation deck originally presented to IDESG Committees at the July 2013 IDESG Plenary meeting at MIT. AndrewHughes3000@gmail.com www.idimmusings.com This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA. AndrewHughes3000@gmail.com - September 2013 2
Objectives • To describe the NSTIC ID Ecosystem focusing on the interactions between members of an “Online Community”* • To describe how major NSTIC Strategy Document elements work together to define an ID Ecosystem and its participants AndrewHughes3000@gmail.com - September 2013 3 * The “Online Community” is central to the NSTIC ID Ecosystem concept
Context • This „conceptual model‟ sits above items such as standards, use cases, functional models • The intent is to offer a view of what the target state ID Ecosystem might look like and give structure to the components of the NSTIC ID Ecosystem AndrewHughes3000@gmail.com - September 2013 4
The NSTIC ID Ecosystem* will consist of different online communities that use interoperable technology, processes, and policies AndrewHughes3000@gmail.com - September 2013 5 *Source: The NSTIC Strategy Document
Take-away Concepts • A defining characteristic of the ID Ecosystem is that it is comprised of “online communities” interacting in a variety of ways AndrewHughes3000@gmail.com - September 2013 6
NSTIC Vision* Individuals and organizations utilize secure, efficient, easy-to-use and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation. AndrewHughes3000@gmail.com - September 2013 7 *Source: The NSTIC Strategy Document
Take-away Concepts • Access to online services is the central concept of the Vision • “Identity Services” enable access to online services • The online services and identity services must have features and capabilities that encourage adoption and use, and mitigate concerns and barriers to acceptance AndrewHughes3000@gmail.com - September 2013 8
Trust Framework* • developed by a community • defines the rights and responsibilities of that community‟s participants • specifies the policies and standards specific to the community • defines the community-specific processes and procedures that provide assurance • considers the level of risk associated with the transaction types of its participants AndrewHughes3000@gmail.com - September 2013 9 *Source: The NSTIC Strategy Document
Take-away Concepts • The online community sets their own policies, standards and rules around the transactions and interactions of their members AndrewHughes3000@gmail.com - September 2013 10
In A Nutshell • Online Communities set their own rules according to their members‟ needs • Online Communities interact with each other in the ID Ecosystem • The rules of different Online Communities may be different • Access to online services enabled by identity solutions is at the heart of the ID Ecosystem AndrewHughes3000@gmail.com - September 2013 11
NSTIC ID Ecosystem? AndrewHughes3000@gmail.com - September 2013 12 ID Ecosystem Framework Rules
Take-away Concepts • Online Communities „inside the line‟ have been evaluated against the ID Ecosystem Framework policies, standards and rules • These communities meet the conditions of inclusion • The nature of the inter-community interactions is currently unknown and undefined (?) • Although there are Online Communities outside the NSTIC ID Ecosystem, they are not shown here AndrewHughes3000@gmail.com - September 2013 13
Online Community • Take a closer look at the internal structure of an “Online Community” AndrewHughes3000@gmail.com - September 2013 14
A Proposed Point of View • Within an Online Community, think of „Access to Online Services‟ as an interaction or transaction between a provider and consumer of that online service • The provider, consumer and service must abide by the rules of the Online Community – the Trust Framework rules • The online service consumer can choose which providers and services (and Communities!) meet their needs, including privacy, security, reliability, ease of use, confidence, etc. • The online service provider defines what an online service consumer must do in order to receive service – the “Terms of Service” • Some terms might be satisfied by presenting third-party credentials or tokens; or by payment; or by group affiliation or membership AndrewHughes3000@gmail.com - September 2013 15
The „Transaction‟ Point of View In this point of view the working unit is the interaction/transaction between provider and consumer plus the Terms of Service plus the Fulfillment of those terms meeting the community‟s Trust Framework rules – all else exists to support this interaction AndrewHughes3000@gmail.com - September 2013 16
A “Community” Unit AndrewHughes3000@gmail.com - September 2013 17 e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Terms Community Trust Framework Rules e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Type Interaction Type Terms of Service Fulfillment of Terms
Where‟s the IdP? • For that matter, where‟s the CSP, CA, IdP/V, RP and all the other Assurance, Trust and Identity bits? • This conceptual model considers them to be the means by which Terms of Service are expressed and fulfilled – so they do not appear at this level of abstraction AndrewHughes3000@gmail.com - September 2013 18
The “Online Community” AndrewHughes3000@gmail.com - September 2013 19 The Community • Shared values, beliefs, principles • Common goals and objectives • Has „tools‟ for joining • Has „tools‟ for locating • Could be mandated by law The Transaction • A particular set of commercial, social, „social contract‟, or information exchanges that exist for the community, in support of their common goals Business • Shared need to perform transactions in the context of the community Legal • Trust Framework agreements • Commercial contracts • Legal Framework Technical • Protocol suites & capability • Network Connectivity • Shared Standards The Online Community Trust Framework Rules
• The provider states the “Terms of Service” for transacting or interacting with their online service • The Terms must comply with the Online Community Trust Framework Rules, including accessibility, privacy, security, etc. • The individual/consumer chooses which providers to interact with, in part based on the Terms offered “Terms of Service” AndrewHughes3000@gmail.com - September 2013 20
Identity Services • Imagine some possible Terms of Service: • “Give me these attributes, cryptographically signed by an Attribute Provider I recognize, so I can verify your eligibility” • “Prove that you have authenticated successfully with an IdP I have a trust relationship with” • “Prove that you did the authentication with a Level 4 Credential” • That’s where they are – the „typical‟ Identity Services are support mechanisms to enable Terms that leverage third party identity and credential services AndrewHughes3000@gmail.com - September 2013 21
Some Examples of “Terms” Business • Payment / Money • Information • Eligibility Legal • Contract / Agreement • Terms and Conditions • Lawfulness Technical • Protocols & Standards • Crypto capability • Electronic Tokens & Credentials • Other technical capabilities AndrewHughes3000@gmail.com - September 2013 22
Entering the Ecosystem • Online Communities become formal participants in the NSTIC ID Ecosystem through an Accreditation Program • The Accreditation Program is being designed by teams in the IDESG • The Accreditation Program will be documented within the ID Ecosystem Framework AndrewHughes3000@gmail.com - September 2013 23
ID Ecosystem Framework* the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem AndrewHughes3000@gmail.com - September 2013 24 *Source: The NSTIC Strategy Document
Accreditation • IDESG, via the Accreditation Authority: • Assesses the Online Community and its participants against that Online Community‟s Trust Framework (Operating Rules) • Confers Trustmarks to signal to participants that Assessments and Accreditation has been done to a known standard AndrewHughes3000@gmail.com - September 2013 25
Accreditation Authority* assesses and validates identity providers, attribute providers, relying parties, and identity media, ensuring that they all adhere to an agreed-upon trust framework (the community’s trust framework) AndrewHughes3000@gmail.com - September 2013 26 *Source: The NSTIC Strategy Document
Trust Framework*, redux • developed by a community • defines the rights and responsibilities of that community‟s participants • specifies the policies and standards specific to the community • defines the community-specific processes and procedures that provide assurance • considers the level of risk associated with the transaction types of its participants AndrewHughes3000@gmail.com - September 2013 27 *Source: The NSTIC Strategy Document
Interoperable? • Interoperability within an Online Community is a defining feature of Online Communities • IDESG could foster technology, process and policy interoperability between Online Communities by defining common Accreditation Patterns for the inter-Community interactions • IDESG, via the Accreditation Authority, could assess and issue Trustmarks for the inter- Community interactions AndrewHughes3000@gmail.com - September 2013 28
Recap • Online communities set their own rules according to their members‟ needs • Online communities interact with each other in the ID Ecosystem • The rules of different Online Communities may be different • Access to online services enabled by identity solutions is at the heart of the ID Ecosystem • IDESG serves to establish the ID Ecosystem Framework and Programs needed to identify and evaluate Online Communities seeking to participate in the NSTIC ID Ecosystem AndrewHughes3000@gmail.com - September 2013 29
NSTIC ID Ecosystem? AndrewHughes3000@gmail.com - September 2013 30 ID Ecosystem Framework Rules
A “Community” Unit AndrewHughes3000@gmail.com - September 2013 31 e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Terms Community Trust Framework Rules e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Type Interaction Type Terms of Service Fulfillment of Terms
Next Steps • Develop narrative scenarios that explain what an individual might experience when seeking services or engaging with a provider of services • Refine the concept of „Terms of Service‟ • Develop examples that explain how this new concept relates to real-world implementations • Define the nature of „interoperable interactions‟ between Online Communities • What policy, protocol, technology or practice conditions must exist in order to be considered „interoperable‟? • Relate the conceptual model to other IDESG work products • How does this model fit the work already completed in Standards, Security, Privacy, Functional Model, etc? AndrewHughes3000@gmail.com - September 2013 32
Your Feedback • Please consider commenting on this slide deck at www.idimmusings.com • Feedback, questions, concerns are welcome, please direct to AndrewHughes3000@gmail.com AndrewHughes3000@gmail.com - September 2013 33

Empfohlen

Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
SSIMeetup
 
Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...
Mydex CIC
 
The role of the individual in "digital by default" public services
The role of the individual in "digital by default" public servicesThe role of the individual in "digital by default" public services
The role of the individual in "digital by default" public services
Mydex CIC
 
Oix local government mydex platform overview 2nd july 2013
Oix local government mydex platform overview 2nd july 2013Oix local government mydex platform overview 2nd july 2013
Oix local government mydex platform overview 2nd july 2013
Mydex CIC
 
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Mydex CIC
 
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Franck Franchin
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
SSIMeetup
 
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
blockchainexe
 

Empfohlen

Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
SSIMeetup
 
Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...
Mydex CIC
 
The role of the individual in "digital by default" public services
The role of the individual in "digital by default" public servicesThe role of the individual in "digital by default" public services
The role of the individual in "digital by default" public services
Mydex CIC
 
Oix local government mydex platform overview 2nd july 2013
Oix local government mydex platform overview 2nd july 2013Oix local government mydex platform overview 2nd july 2013
Oix local government mydex platform overview 2nd july 2013
Mydex CIC
 
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Mydex CIC
 
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Cloud & Privacy - Lecture at University Paris Sud - March 18th, 2013
Franck Franchin
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
SSIMeetup
 
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
【Blockchain EXE NY】Self Sovereign Identity - Smart homes & Smart contracts
blockchainexe
 
Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
Chad Lawler
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
Eryk Budi Pratama
 
Exploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging TrendsExploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging Trends
Amazon Web Services
 
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
MicheleNati
 
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
MicheleNati
 
Nina Kilbride (Monax) talk: Agreements Network
Nina Kilbride (Monax) talk: Agreements NetworkNina Kilbride (Monax) talk: Agreements Network
Nina Kilbride (Monax) talk: Agreements Network
Rachel Davison
 
How Personal Cloud Networks Enable New Business Models
How Personal Cloud Networks Enable New Business ModelsHow Personal Cloud Networks Enable New Business Models
How Personal Cloud Networks Enable New Business Models
drummondreed
 
Blockchanging the world - An overview of the blockchain academic landscape
Blockchanging the world - An overview of the blockchain academic landscapeBlockchanging the world - An overview of the blockchain academic landscape
Blockchanging the world - An overview of the blockchain academic landscape
Sebastian Cochinescu
 
Five Considerations for Blockchain Applied to Data Privacy & GDPR
Five Considerations for Blockchain Applied to Data Privacy & GDPRFive Considerations for Blockchain Applied to Data Privacy & GDPR
Five Considerations for Blockchain Applied to Data Privacy & GDPR
DivyaConsagous
 
BlockchainIntro.com
BlockchainIntro.comBlockchainIntro.com
BlockchainIntro.com
Sanjeev Verma, PhD
 
BT Cloud Security Whitepaper
BT Cloud Security WhitepaperBT Cloud Security Whitepaper
BT Cloud Security Whitepaper
Dean Bonehill ♠Technology for Business♠
 
Inter Lab06 Bebo White 1
Inter Lab06 Bebo White 1Inter Lab06 Bebo White 1
Inter Lab06 Bebo White 1
Ram Srivastava
 
Iiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinalIiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinal
MaryIIW
 
Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019
Tony Lai
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber security
Prateek Panda
 
Ten trends of blockchain in 2020
Ten trends of blockchain in 2020Ten trends of blockchain in 2020
Ten trends of blockchain in 2020
Ahmed Banafa
 
Blockchain in Banking.
Blockchain in Banking.Blockchain in Banking.
Blockchain in Banking.
Modefin1
 
Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)
Li Nu
 
NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew HughesNSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
Andrew Hughes
 
A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion DraftA Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
Andrew Hughes
 
Age Verification: Reaching a Tipping Point
Age Verification: Reaching a Tipping PointAge Verification: Reaching a Tipping Point
Age Verification: Reaching a Tipping Point
Dr Rachel O'Connell
 
Federated Identity - DLNE 11th December
Federated Identity - DLNE 11th DecemberFederated Identity - DLNE 11th December
Federated Identity - DLNE 11th December
MyDigitalBiz-DLNE
 

Weitere ähnliche Inhalte

Was ist angesagt?

Exploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging TrendsExploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging Trends
Amazon Web Services
 
Iiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinalIiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinal
MaryIIW
 
Blockchain in Banking.
Blockchain in Banking.Blockchain in Banking.
Blockchain in Banking.
Modefin1
 
Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)
Li Nu
 

Was ist angesagt? (18)

Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
Security & Compliance in the Cloud - Proactively Managing Governance, Risk & ...
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Exploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging TrendsExploring Blockchain Technology, Risks, and Emerging Trends
Exploring Blockchain Technology, Risks, and Emerging Trends
 
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
IoTMeetupGuildford#20: Michele Nati, Personal data and Blockchain: Opportunit...
 
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
 
Nina Kilbride (Monax) talk: Agreements Network
Nina Kilbride (Monax) talk: Agreements NetworkNina Kilbride (Monax) talk: Agreements Network
Nina Kilbride (Monax) talk: Agreements Network
 
How Personal Cloud Networks Enable New Business Models
How Personal Cloud Networks Enable New Business ModelsHow Personal Cloud Networks Enable New Business Models
How Personal Cloud Networks Enable New Business Models
 
Blockchanging the world - An overview of the blockchain academic landscape
Blockchanging the world - An overview of the blockchain academic landscapeBlockchanging the world - An overview of the blockchain academic landscape
Blockchanging the world - An overview of the blockchain academic landscape
 
Five Considerations for Blockchain Applied to Data Privacy & GDPR
Five Considerations for Blockchain Applied to Data Privacy & GDPRFive Considerations for Blockchain Applied to Data Privacy & GDPR
Five Considerations for Blockchain Applied to Data Privacy & GDPR
 
BlockchainIntro.com
BlockchainIntro.comBlockchainIntro.com
BlockchainIntro.com
 
BT Cloud Security Whitepaper
BT Cloud Security WhitepaperBT Cloud Security Whitepaper
BT Cloud Security Whitepaper
 
Inter Lab06 Bebo White 1
Inter Lab06 Bebo White 1Inter Lab06 Bebo White 1
Inter Lab06 Bebo White 1
 
Iiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinalIiw east openidentityforopengovfinal
Iiw east openidentityforopengovfinal
 
Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber security
 
Ten trends of blockchain in 2020
Ten trends of blockchain in 2020Ten trends of blockchain in 2020
Ten trends of blockchain in 2020
 
Blockchain in Banking.
Blockchain in Banking.Blockchain in Banking.
Blockchain in Banking.
 
Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)Andoni 2019-blockchain-technology-in-the-energy (2)
Andoni 2019-blockchain-technology-in-the-energy (2)
 

Ähnlich wie NSTIC IDESG ID Ecosystem Conceptual Model v02

A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion DraftA Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
Andrew Hughes
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
Graeme Wood
 
Cloud Customer Architecture for Enterprise Social Collaboration
Cloud Customer Architecture for Enterprise Social CollaborationCloud Customer Architecture for Enterprise Social Collaboration
Cloud Customer Architecture for Enterprise Social Collaboration
Cloud Standards Customer Council
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
SSIMeetup
 

Ähnlich wie NSTIC IDESG ID Ecosystem Conceptual Model v02 (20)

NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew HughesNSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
NSTIC ID Ecosystem - A Conceptual Model v03 - Andrew Hughes
 
A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion DraftA Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
A Conceptual Model for the NSTIC ID Ecosystem - Discussion Draft
 
Age Verification: Reaching a Tipping Point
Age Verification: Reaching a Tipping PointAge Verification: Reaching a Tipping Point
Age Verification: Reaching a Tipping Point
 
Federated Identity - DLNE 11th December
Federated Identity - DLNE 11th DecemberFederated Identity - DLNE 11th December
Federated Identity - DLNE 11th December
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
 
Introduction to CSA Australia 2013 by David Ross
Introduction to CSA Australia 2013 by David RossIntroduction to CSA Australia 2013 by David Ross
Introduction to CSA Australia 2013 by David Ross
 
Compliance in Public Cloud & CSA Framework
Compliance in Public Cloud & CSA FrameworkCompliance in Public Cloud & CSA Framework
Compliance in Public Cloud & CSA Framework
 
Respect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud LoginRespect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud Login
 
Project 13 #COMIT2018
Project 13 #COMIT2018Project 13 #COMIT2018
Project 13 #COMIT2018
 
Future of digital identity Programme summary - 15 dec 2018 lr
Future of digital identity Programme summary - 15 dec 2018 lrFuture of digital identity Programme summary - 15 dec 2018 lr
Future of digital identity Programme summary - 15 dec 2018 lr
 
Exchange of P2P services in the Collaborative Economy (PhD research-in-progress)
Exchange of P2P services in the Collaborative Economy (PhD research-in-progress)Exchange of P2P services in the Collaborative Economy (PhD research-in-progress)
Exchange of P2P services in the Collaborative Economy (PhD research-in-progress)
 
Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?
 
Reputation based model for decision making in the digital age
Reputation based model for decision making in the digital ageReputation based model for decision making in the digital age
Reputation based model for decision making in the digital age
 
Cloud Customer Architecture for Enterprise Social Collaboration
Cloud Customer Architecture for Enterprise Social CollaborationCloud Customer Architecture for Enterprise Social Collaboration
Cloud Customer Architecture for Enterprise Social Collaboration
 
How to Safely Scrape Data from Social Media Platforms and News Websites.pptx
How to Safely Scrape Data from Social Media Platforms and News Websites.pptxHow to Safely Scrape Data from Social Media Platforms and News Websites.pptx
How to Safely Scrape Data from Social Media Platforms and News Websites.pptx
 
How to Safely Scrape Data from Social Media Platforms and News Websites.pdf
How to Safely Scrape Data from Social Media Platforms and News Websites.pdfHow to Safely Scrape Data from Social Media Platforms and News Websites.pdf
How to Safely Scrape Data from Social Media Platforms and News Websites.pdf
 
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
 
Trust-Aid (Blockchain-based Charity system)
Trust-Aid (Blockchain-based Charity system)Trust-Aid (Blockchain-based Charity system)
Trust-Aid (Blockchain-based Charity system)
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
 
Aggregators
AggregatorsAggregators
Aggregators
 

Kürzlich hochgeladen

Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
amitlee9823
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
Renandantas16
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
dollysharma2066
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
lizamodels9
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 

Kürzlich hochgeladen (20)

Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 

NSTIC IDESG ID Ecosystem Conceptual Model v02

  • 1. NSTIC ID Ecosystem A Conceptual Model v02 Andrew Hughes September 2013 AndrewHughes3000@gmail.com - September 2013 1
  • 2. This slide deck was created September 2013 by Andrew Hughes – please contact for more information or comments. This deck builds upon material in the presentation deck originally presented to IDESG Committees at the July 2013 IDESG Plenary meeting at MIT. AndrewHughes3000@gmail.com www.idimmusings.com This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA. AndrewHughes3000@gmail.com - September 2013 2
  • 3. Objectives • To describe the NSTIC ID Ecosystem focusing on the interactions between members of an “Online Community”* • To describe how major NSTIC Strategy Document elements work together to define an ID Ecosystem and its participants AndrewHughes3000@gmail.com - September 2013 3 * The “Online Community” is central to the NSTIC ID Ecosystem concept
  • 4. Context • This „conceptual model‟ sits above items such as standards, use cases, functional models • The intent is to offer a view of what the target state ID Ecosystem might look like and give structure to the components of the NSTIC ID Ecosystem AndrewHughes3000@gmail.com - September 2013 4
  • 5. The NSTIC ID Ecosystem* will consist of different online communities that use interoperable technology, processes, and policies AndrewHughes3000@gmail.com - September 2013 5 *Source: The NSTIC Strategy Document
  • 6. Take-away Concepts • A defining characteristic of the ID Ecosystem is that it is comprised of “online communities” interacting in a variety of ways AndrewHughes3000@gmail.com - September 2013 6
  • 7. NSTIC Vision* Individuals and organizations utilize secure, efficient, easy-to-use and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation. AndrewHughes3000@gmail.com - September 2013 7 *Source: The NSTIC Strategy Document
  • 8. Take-away Concepts • Access to online services is the central concept of the Vision • “Identity Services” enable access to online services • The online services and identity services must have features and capabilities that encourage adoption and use, and mitigate concerns and barriers to acceptance AndrewHughes3000@gmail.com - September 2013 8
  • 9. Trust Framework* • developed by a community • defines the rights and responsibilities of that community‟s participants • specifies the policies and standards specific to the community • defines the community-specific processes and procedures that provide assurance • considers the level of risk associated with the transaction types of its participants AndrewHughes3000@gmail.com - September 2013 9 *Source: The NSTIC Strategy Document
  • 10. Take-away Concepts • The online community sets their own policies, standards and rules around the transactions and interactions of their members AndrewHughes3000@gmail.com - September 2013 10
  • 11. In A Nutshell • Online Communities set their own rules according to their members‟ needs • Online Communities interact with each other in the ID Ecosystem • The rules of different Online Communities may be different • Access to online services enabled by identity solutions is at the heart of the ID Ecosystem AndrewHughes3000@gmail.com - September 2013 11
  • 12. NSTIC ID Ecosystem? AndrewHughes3000@gmail.com - September 2013 12 ID Ecosystem Framework Rules
  • 13. Take-away Concepts • Online Communities „inside the line‟ have been evaluated against the ID Ecosystem Framework policies, standards and rules • These communities meet the conditions of inclusion • The nature of the inter-community interactions is currently unknown and undefined (?) • Although there are Online Communities outside the NSTIC ID Ecosystem, they are not shown here AndrewHughes3000@gmail.com - September 2013 13
  • 14. Online Community • Take a closer look at the internal structure of an “Online Community” AndrewHughes3000@gmail.com - September 2013 14
  • 15. A Proposed Point of View • Within an Online Community, think of „Access to Online Services‟ as an interaction or transaction between a provider and consumer of that online service • The provider, consumer and service must abide by the rules of the Online Community – the Trust Framework rules • The online service consumer can choose which providers and services (and Communities!) meet their needs, including privacy, security, reliability, ease of use, confidence, etc. • The online service provider defines what an online service consumer must do in order to receive service – the “Terms of Service” • Some terms might be satisfied by presenting third-party credentials or tokens; or by payment; or by group affiliation or membership AndrewHughes3000@gmail.com - September 2013 15
  • 16. The „Transaction‟ Point of View In this point of view the working unit is the interaction/transaction between provider and consumer plus the Terms of Service plus the Fulfillment of those terms meeting the community‟s Trust Framework rules – all else exists to support this interaction AndrewHughes3000@gmail.com - September 2013 16
  • 17. A “Community” Unit AndrewHughes3000@gmail.com - September 2013 17 e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Terms Community Trust Framework Rules e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Type Interaction Type Terms of Service Fulfillment of Terms
  • 18. Where‟s the IdP? • For that matter, where‟s the CSP, CA, IdP/V, RP and all the other Assurance, Trust and Identity bits? • This conceptual model considers them to be the means by which Terms of Service are expressed and fulfilled – so they do not appear at this level of abstraction AndrewHughes3000@gmail.com - September 2013 18
  • 19. The “Online Community” AndrewHughes3000@gmail.com - September 2013 19 The Community • Shared values, beliefs, principles • Common goals and objectives • Has „tools‟ for joining • Has „tools‟ for locating • Could be mandated by law The Transaction • A particular set of commercial, social, „social contract‟, or information exchanges that exist for the community, in support of their common goals Business • Shared need to perform transactions in the context of the community Legal • Trust Framework agreements • Commercial contracts • Legal Framework Technical • Protocol suites & capability • Network Connectivity • Shared Standards The Online Community Trust Framework Rules
  • 20. • The provider states the “Terms of Service” for transacting or interacting with their online service • The Terms must comply with the Online Community Trust Framework Rules, including accessibility, privacy, security, etc. • The individual/consumer chooses which providers to interact with, in part based on the Terms offered “Terms of Service” AndrewHughes3000@gmail.com - September 2013 20
  • 21. Identity Services • Imagine some possible Terms of Service: • “Give me these attributes, cryptographically signed by an Attribute Provider I recognize, so I can verify your eligibility” • “Prove that you have authenticated successfully with an IdP I have a trust relationship with” • “Prove that you did the authentication with a Level 4 Credential” • That’s where they are – the „typical‟ Identity Services are support mechanisms to enable Terms that leverage third party identity and credential services AndrewHughes3000@gmail.com - September 2013 21
  • 22. Some Examples of “Terms” Business • Payment / Money • Information • Eligibility Legal • Contract / Agreement • Terms and Conditions • Lawfulness Technical • Protocols & Standards • Crypto capability • Electronic Tokens & Credentials • Other technical capabilities AndrewHughes3000@gmail.com - September 2013 22
  • 23. Entering the Ecosystem • Online Communities become formal participants in the NSTIC ID Ecosystem through an Accreditation Program • The Accreditation Program is being designed by teams in the IDESG • The Accreditation Program will be documented within the ID Ecosystem Framework AndrewHughes3000@gmail.com - September 2013 23
  • 24. ID Ecosystem Framework* the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem AndrewHughes3000@gmail.com - September 2013 24 *Source: The NSTIC Strategy Document
  • 25. Accreditation • IDESG, via the Accreditation Authority: • Assesses the Online Community and its participants against that Online Community‟s Trust Framework (Operating Rules) • Confers Trustmarks to signal to participants that Assessments and Accreditation has been done to a known standard AndrewHughes3000@gmail.com - September 2013 25
  • 26. Accreditation Authority* assesses and validates identity providers, attribute providers, relying parties, and identity media, ensuring that they all adhere to an agreed-upon trust framework (the community’s trust framework) AndrewHughes3000@gmail.com - September 2013 26 *Source: The NSTIC Strategy Document
  • 27. Trust Framework*, redux • developed by a community • defines the rights and responsibilities of that community‟s participants • specifies the policies and standards specific to the community • defines the community-specific processes and procedures that provide assurance • considers the level of risk associated with the transaction types of its participants AndrewHughes3000@gmail.com - September 2013 27 *Source: The NSTIC Strategy Document
  • 28. Interoperable? • Interoperability within an Online Community is a defining feature of Online Communities • IDESG could foster technology, process and policy interoperability between Online Communities by defining common Accreditation Patterns for the inter-Community interactions • IDESG, via the Accreditation Authority, could assess and issue Trustmarks for the inter- Community interactions AndrewHughes3000@gmail.com - September 2013 28
  • 29. Recap • Online communities set their own rules according to their members‟ needs • Online communities interact with each other in the ID Ecosystem • The rules of different Online Communities may be different • Access to online services enabled by identity solutions is at the heart of the ID Ecosystem • IDESG serves to establish the ID Ecosystem Framework and Programs needed to identify and evaluate Online Communities seeking to participate in the NSTIC ID Ecosystem AndrewHughes3000@gmail.com - September 2013 29
  • 30. NSTIC ID Ecosystem? AndrewHughes3000@gmail.com - September 2013 30 ID Ecosystem Framework Rules
  • 31. A “Community” Unit AndrewHughes3000@gmail.com - September 2013 31 e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Terms Community Trust Framework Rules e-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Interaction Terms of Service Fulfillment of Termse-Service Provider e-Service Consumer Transaction Type Interaction Type Terms of Service Fulfillment of Terms
  • 32. Next Steps • Develop narrative scenarios that explain what an individual might experience when seeking services or engaging with a provider of services • Refine the concept of „Terms of Service‟ • Develop examples that explain how this new concept relates to real-world implementations • Define the nature of „interoperable interactions‟ between Online Communities • What policy, protocol, technology or practice conditions must exist in order to be considered „interoperable‟? • Relate the conceptual model to other IDESG work products • How does this model fit the work already completed in Standards, Security, Privacy, Functional Model, etc? AndrewHughes3000@gmail.com - September 2013 32
  • 33. Your Feedback • Please consider commenting on this slide deck at www.idimmusings.com • Feedback, questions, concerns are welcome, please direct to AndrewHughes3000@gmail.com AndrewHughes3000@gmail.com - September 2013 33