SlideShare una empresa de Scribd logo

CIS13: More NSTIC Pilots: Scalable Privacy and Multi-factor Authentication and Attribute Exchange Network

CloudIDSummit
CloudIDSummit

Dave Coxe, CEO, Criterion Systems Ken Klingenstein, Director, Middleware and Security, Internet2 NSTIC pilots presentations continue; we begin with a presentation of the Attribute Exchange Network being deployed across a number of commercial participants by ID/Dataweb, and then we provide an overview of the framework Internet2 is building for “scalable privacy” and multi-factor authentication.

Tecnología
1 de 16
Descargar para leer sin conexión
Criterion NSTIC Pilot Presentation Ping Cloud Identity Summit – July 9, 2013 David Coxe Work described in this presentation was supported by the National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office and the National Institute of Standards and Technology (NIST). The views in this presentation do not necessarily reflect the official policies of the NIST or NSTIC, nor does mention by trade names, commercial practices, or organizations imply endorsement by the U.S. Government.
Agenda •  Overview –  NSTIC AXN Pilots –  AXN Business Model –  Potential NSTIC Pilot Relying Parties (RPs) –  Benefits to RPs •  AXN Services Framework •  Demonstration •  Pilot Schedule •  Lessons Learned •  Summary © 2013 Criterion Systems, Inc. Proprietary and Confidential   Page 2 Attribute Exchange Network Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
NSTIC AXN Pilots Pilot Program Outcome: Implement a user-centric online Identity Ecosystem and demonstrate an Attribute Exchange Trust Framework using the ID Dataweb (IDW) Attribute Exchange Network (AXN) Project Approach: •  Demonstrate online attribute exchange operations and basic features of an attribute exchange trust framework –  User, AP, IdP, and RP interfaces and process/data flows –  Legal, policy, and technical interoperability, security, and scalability –  Business and market monetization models –  Assessor roles and processes Project Objectives: •  Simplify AP, RP, and IdP participation, deploy new online services and demonstrate asset monetization via the IDW AXN platform using: –  Real-time AP online verification services –  Out of band verification services – SMS to device, device IDs, Postal mail AP service - PIN code mail piece •  Live user data from commercial and government RPs •  RP billing (monthly) and AP/IdP transaction/payment statements •  Commercial contracts and Terms of Service that transition pilots to commercial operations NSTIC Pilot Use Case Scenarios: •  Basic Use Case scenarios will initially be limited to key identity attributes: Name, e-mail, Address, Telephone Number (NEAT) and sending one-time passwords via SMS to a mobile device •  Increasingly complex and advanced Use Cases will include additional attributes, interoperability between an OpenID or SAML credential, CAC/PIV card credentials, and identity linkage to end-user devices •  For each RP Use Case: Free market trial of verified attribute services for 180 days or 50,000 users, whichever occurs first © 2013 Criterion Systems, Inc. Proprietary and Confidential Page 3 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
The AXN Business Model and Technical Infrastructure •  Aligns business objectives of the Identity Ecosystem participants –  Overcome historical implementation barriers – everyone benefits –  Expand RP participation to efficiently service and monetize existing markets –  Create new business channels currently underserved by the Identity Ecosystem •  Enables a neutral Internet-scale credential and attribute monetization platform –  Efficient, open, competitive transaction and contractual hub –  Unencumbered by legacy business models, regulations, and technologies –  Free to users, lowers RP costs, and new market potential for IdPs and APs •  Promotes user trust, online security, and privacy protective services –  Designed to implement and positively transform the online identity ecosystem AXN Business Model Requirements Solution Affordable AXN serves as a reseller - open, competitive attribute exchange market place Neutral for User Free to Users – RP pays for credential authentication and attribute verification services to support their risk mitigation (LOA) requirements Online Attribute Verification and Claims Management Services 75% of the market cannot be efficiently serviced by the large APs; AXN creates a new AP sales channel and enhances online security Efficient online identity ecosystems Contractual and transaction hub to enable “Internet” effect IdPs, RPs, APs, and the TFP increase revenue, reduce costs, and increase trust © 2013 Criterion Systems, Inc. Proprietary and Confidential   Page 4 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
Page 5 The First Year NSTIC Use Cases Industry Broadridge Use Case B to C Investor CommunicationsRP Service: Fluent – Online Application Platform for Investor Communications General Electric (GE) Use Case B to C, B to B Multiple Market VerticalsRP Service: Various Service Sector Applications Corporate, Partner and Consumer Account Access DHS/FEMA (MIT Lincoln Labs) First Responder Use Case G to G, G to C First Responders First USA ServicesRP Service: Account creation and login for the First USA disaster response collaboration portal eBay Use Case B to C, C to C RetailRP Service: Retail Seller and Buyer Account Creation and Login © 2013 Criterion Systems, Inc. Proprietary and Confidential (Pending Final Approval) Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
© 2013 Criterion Systems, Inc. Proprietary and Confidential AXN Services Framework 6 IdP Services Credential OpenID 2.0, SAML 2.0, IMI 1.0 Protocol OAuth 2.0, SAML 2.0, Other LOA LOA 1-4 Cert/TF FICAM, OIX, Kantara, Other AP Services Attributes NEAT, SS, DOB, Gender, Corp Verification Quality Refresh Rate, Coverage, Sources, Data Types Physical Device ID, BIO, Card, Other Pricing Per Transaction, Per User Per Year, Annual License Cert/TF FICAM, OIX, Kantara, Other RP Services Enroll Business Purpose, Attribute Selection, Claims Refresh Rate, IdP & RP Selections, User Preferences, Contract LOA LOA 1-4 Admin Logs, Reporting, Billing, Contract Management Cert/TF FICAM, OIX, Kantara, Other User Services Attributes Not Stored In AXN, Self Asserted, Data Minimization PDS PII, Preferences, ABAC, Encrypted, External Store MAX User Only, Personal Control and Security, Acct Linking, Federated Access Via RP Trust Framework Provider (TFP) Identity Providers (IdP) Relying Parties (RP) Assessors & Auditors Dispute Resolvers user Attribute Providers (AP) Attribute Exchange Network (AXN) Proxy AXN Services Billing Pricing and Analytics Acct Management Service Provisioning Contracting Policy Management Marketing Transaction Management Registration Operations and Security Logs, Reporting Administration Audit User Interface Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
AXN Identity Federation Services - My Attribute Exchange 2.  Personal Data Services (PDS) •  User attribute data is not stored in the AXN •  PDS data is presented via MAX to create and manage RP accounts •  User-centric, privacy protective, secure, and federated •  No cost to user 1.  Credential Federation •  Verified attributes are used to create new or bind to existing user accounts 3.  User Managed Admin (UMA) Console •  Authenticated users have federated access at each RP •  Created when a user first opts in to share their verified attribute claims via the AXN with an RP •  Users can securely manage PDS attributes shared with an RP service accessed by an IdP credential •  Enables user to link and unlink multiple IdP credentials Page 7© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
AXN Business Services •  Credential transaction management services –  IDP authenticates user credentials as a service to RPs registered on the AXN –  RP credential requirements for a given LOA (e.g., 1 – 4), type (e.g., SAML, OpenID, IDI), and trust framework certifications •  Personal (Pii) attribute verification and claims management services –  RPs designate which Pii attributes they required from users –  User asserted, verified attributes and claims are shared with RPs with user permission –  Device ID and biometric attributes are verified as required for RP authorization transactions •  Preference attribute management services –  RPs can designate preferences to display for users when interacting with the RP service •  Attribute Based Access Control (ABAC) management services –  RPs select authoritative role-based attributes for users to assert when accessing their service •  User Managed Access (UMA) attribute services –  UMA services define how users (as resource owners) can control protected- resource access by requesting parties © 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
Device Attribute Verification Services •  Mobile Device Verification Services •  Users log in using a trusted mobile device registered and managed on the AXN via MAX •  Secure device ID service ensures user RP accounts can only be accessed using a trusted device •  Computer Verification Services •  Over 600 million computers with Trusted Platform Modules (TPMs) can be managed via the AXN •  Windows 8 requires TPMs on a wide range of devices from desktops to smart phones   Biometric Attribute Verification Services •  Cloud-based Voice, Retinal, Photo and Fingerprint Verification Services •  Daon, CGI, and others •  Integration with Authoritative AP Services •  e.g., driver license attributes and photos ABAC Services •  Fine-grained Policy Authorization Services •  UMA Services to Dynamically Control Access to RP Data and Services AXN Technology Roadmap Trust Elevation Services AXN Trust Elevation Services Page 9© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
•  AXN legal agreements –  Standardized agreements with regulatory flow down terms from IdPs and APs –  Limit PII collection to what is necessary to accomplish the specified purpose(s) –  Accountability and audit to protect PII through appropriate safeguards •  AXN as a proxy - no single service provider can gain a complete picture of a user’s activity •  The AXN data management design mitigates potential threats –  Does not create a central data store of verified user attributes –  Security and privacy enhancing technology is built into the AXN infrastructure •  Users opt-in to each control process for collection, verification, and distribution of attributes –  User Admin console for attribute and credential management –  Only the minimum necessary information is shared in a transaction (FIPPS) AXN Privacy – By Design 10 © 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
AXN Demonstration With Broadridge Fluent Page 11© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
12   |  Copyright  2013   Broadridge  FluentSM   Fluent  is  a  communica.ons  exchange  that  centrally  manages  communica.ons   across  internal  and  external  channels  suppor.ng  customer  choice.   Fluent:   Enables  new  communica=on   channels  (approved  by  firm)     Validates  client  iden==es  across   channels   Captures  preferences  and  consents   on  behalf  of  firm  across  channels   Facilitates  distribu=on  of  content   across  consumer  channels   Ensures  security  and  regulatory   compliance   Provides  insight  into  the   effec=veness  of  communica=ons   Ensures  comprehensive  audit  trail  to   measure  compliance   BROADRIDGE FLUENT CHANNEL MGMT PREFERENCE IDENTITY INSIGHT Innova3ve  Consumer   Experience   1   2   3   4   5   6   7   FIRM Web Sites & Apps BANKING BROKERAGE MORTGAGE CREDIT CARDS E-­‐MAIL   SOCIAL   FUTURE   GLOBAL  DIGITAL  MAIL   NEWSSTANDS  /  TABLETS   FIRM  
13   |  Copyright  2013   The  Nature  of  Communica3ons  is  rapidly  evolving   n  Firms  con=nue  to  spend  millions  of  dollars  to  migrate  Customers  to  e-­‐delivery,  these   efforts  have  leveled  out  below  ini=al  expecta=ons   §  All  Industries  –  14%  of  transac=onal  documents  suppressed   §  With  the  excep=on  of  retail  banking,  limited  adop=on  of  firm  web  sites  (Brokerage,  Mortgage,  Credit   Cards,  …)   §  A  poor  Client  Experiences  has  been  the  primary  obstacle   n  Meanwhile  the  web  has  migrated  from  a  B  to  C  experience  to  a  C  to  B  experience,  with   new  channels  emerging  daily     n  Opportunity  costs  within  financial  services  alone  approach  $20  billion  annually  
2012-2014 Attribute Exchange Pilots Assess POC On Going OperationsBasic Ops Advanced Evaluate 1.  Assess     2.  Proof  of  Concept   3.  Basic  Opera3ons   4.  Advanced   5.  On  Going  Opera3ons   •  Evaluate  –  Incorporate  lessons  learned  and  repeat  WBS  element  1.0     •  Assess,  for  subsequent  Use  Case  Implementa3ons  1.0   Pilot Project Life Cycle © 2013 Criterion Systems, Inc. Proprietary and Confidential Relying  Party  Use-­‐Case  By  Task/Month Oct-­‐12 Nov-­‐12 Dec-­‐12 Jan-­‐13 Feb-­‐13 Mar-­‐13 Apr-­‐13 May-­‐13 Jun-­‐13 Jul-­‐13 Aug-­‐13 Sep-­‐13 Oct-­‐13 Nov-­‐13 Dec-­‐13 Jan-­‐14 Feb-­‐14 Mar-­‐14 Apr-­‐14 May-­‐14 Jun-­‐14 Jul-­‐14 Aug-­‐14 Sep-­‐14 Use-­‐Case  RP#1 Operation Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Broadridge Use-­‐Case  RP#2 Operation Assess Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             eBay Use-­‐Case  RP#3 Operation Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             DHS/MIT Use-­‐Case  RP#4 Operation POC Graduate User  Verifications -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             GE Use-­‐Case  RP#5 Operation =  Production  ready Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#6 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#7 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#8 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Total  Verified  Users -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           20,000             40,000             40,000             50,000             50,000             40,000             20,000             30,000             20,000             30,000             20,000             20,000             10,000             10,000             400,000           Basic  Operations Basic  Operations Basic  Operations Basic  Operations Advanced Advanced Advanced Advanced Basic  Operations Advanced Advanced Project  Launch Year  1  Pilot  Project  Operations Year  2  Pilot  Project  Operations Basic  Operations Assess Assess Basic  Operations Advanced Assess POC POC Basic  Operations AdvancedPOC Line   reflecting   May 1 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
Lessons Learned •  RPs are the customer, and will drive market requirements, adoption, and policy controls. •  Emerging Trust Frameworks are being driven by Communities of Interest (COI) who seek market operational efficiencies through business, legal, technical and policy interoperability. •  Credential federation requires policy changes to enable significant security, user experience (SSO and account creation), and business benefits. •  Current IdP and RP business practices do not always conform to FIPP’s, and need to be managed. •  A rigorous Privacy Evaluation Methodology (PEM) implementation resulted in significant benefits –  AXN technical and architectural enhancements –  Privacy protective enhancements as core messaging in AXN marketing strategy •  RP risk mitigation strategies (for a required LOA) lack consistency –  Emerging user-centric trust elevation technologies are scalable, cost effective and interoperable. –  Trust Marks could be used to objectively promote confidence in various combinations of authentication methods, verified user attributes, and attribute claims from device identities, biometric technologies, etc. –  It would be helpful to map these risk mitigation methods to NIST SP 800-63. Page 15© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
Summary •  2013 - 2014 AX initiatives will define how to… –  Protect and extend customer relationships online –  Increase revenue with existing service infrastructure through new online channels –  Manage organizational risks with cost effective solutions –  Reduce online fraud and identity theft while enhancing brand –  Improve User online experience, increase User trust and transaction volumes, and reduce related costs •  Neutral market platform for the emerging identity ecosystem •  Online attribute monetization platform – unencumbered by legacy business models, regulations and technologies Page 16© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.

Recomendados

DEVNET-1132 Create B2B Exchanges with Cisco Connected Processes
DEVNET-1132 Create B2B Exchanges with Cisco Connected ProcessesDEVNET-1132 Create B2B Exchanges with Cisco Connected Processes
DEVNET-1132 Create B2B Exchanges with Cisco Connected ProcessesCisco DevNet
 
ICC Data and Device management
ICC Data and Device managementICC Data and Device management
ICC Data and Device managementInternational Communications Corporation
 
CBC ININ Case Study
CBC ININ Case StudyCBC ININ Case Study
CBC ININ Case StudyRichard Klevit
 
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital EconomyWSO2
 
Cscc cloud-customer-architecture-for-e commerce
Cscc cloud-customer-architecture-for-e commerceCscc cloud-customer-architecture-for-e commerce
Cscc cloud-customer-architecture-for-e commercer_arorabms
 
Inter connect2015 ame-3495
Inter connect2015 ame-3495Inter connect2015 ame-3495
Inter connect2015 ame-3495Phil Coxhead
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementNoam Bunder
 
Forum Presentation
Forum PresentationForum Presentation
Forum Presentationallaboutsyed
 

Recomendados

DEVNET-1132 Create B2B Exchanges with Cisco Connected Processes
DEVNET-1132 Create B2B Exchanges with Cisco Connected ProcessesDEVNET-1132 Create B2B Exchanges with Cisco Connected Processes
DEVNET-1132 Create B2B Exchanges with Cisco Connected ProcessesCisco DevNet
 
ICC Data and Device management
ICC Data and Device managementICC Data and Device management
ICC Data and Device managementInternational Communications Corporation
 
CBC ININ Case Study
CBC ININ Case StudyCBC ININ Case Study
CBC ININ Case StudyRichard Klevit
 
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital Economy
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital EconomyWSO2
 
Cscc cloud-customer-architecture-for-e commerce
Cscc cloud-customer-architecture-for-e commerceCscc cloud-customer-architecture-for-e commerce
Cscc cloud-customer-architecture-for-e commercer_arorabms
 
Inter connect2015 ame-3495
Inter connect2015 ame-3495Inter connect2015 ame-3495
Inter connect2015 ame-3495Phil Coxhead
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementNoam Bunder
 
Forum Presentation
Forum PresentationForum Presentation
Forum Presentationallaboutsyed
 
Sify Corp Products Presentation
Sify Corp Products PresentationSify Corp Products Presentation
Sify Corp Products PresentationKrishna Cck
 
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Private Cloud
 
Evolving Shared Platforms for e-Governance
Evolving Shared Platforms for e-GovernanceEvolving Shared Platforms for e-Governance
Evolving Shared Platforms for e-GovernanceUSAID CEED II Project Moldova
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile ConnectUbisecure
 
Magpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering OfferingMagpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering Offeringimpodgirl
 
Enterprise architecture for telecom sector
Enterprise architecture for telecom sectorEnterprise architecture for telecom sector
Enterprise architecture for telecom sectorSoham Pablo
 
Belgian public sector interoperability
Belgian public sector interoperabilityBelgian public sector interoperability
Belgian public sector interoperabilityE-Government Center Moldova
 
[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technology[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technologyBeMyApp
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerIBM DataPower Gateway
 
Greytower identity Overview
Greytower identity OverviewGreytower identity Overview
Greytower identity OverviewWilliam Brant
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019IBM DataPower Gateway
 
Web xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutionsWeb xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutionsWebXpress
 
J75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplaceJ75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplaceNECIndia
 
Acqueon iQ 3.0 Brochure
Acqueon iQ 3.0 BrochureAcqueon iQ 3.0 Brochure
Acqueon iQ 3.0 BrochureAcqueon Technologies Inc.
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Oracle Blockchain Platform
Oracle Blockchain PlatformOracle Blockchain Platform
Oracle Blockchain PlatformJuarez Junior
 
The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)TISEE
 
Pres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm AntwerpenPres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm AntwerpenAlex Schoone
 
Cloud Computing For IAM Providers
Cloud Computing For IAM ProvidersCloud Computing For IAM Providers
Cloud Computing For IAM Providersguest4b81cf
 
Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decjcortley
 
Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decjcortley
 

Más contenido relacionado

La actualidad más candente

Sify Corp Products Presentation
Sify Corp Products PresentationSify Corp Products Presentation
Sify Corp Products PresentationKrishna Cck
 
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Private Cloud
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile ConnectUbisecure
 
Magpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering OfferingMagpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering Offeringimpodgirl
 
Enterprise architecture for telecom sector
Enterprise architecture for telecom sectorEnterprise architecture for telecom sector
Enterprise architecture for telecom sectorSoham Pablo
 
[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technology[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technologyBeMyApp
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerIBM DataPower Gateway
 
Greytower identity Overview
Greytower identity OverviewGreytower identity Overview
Greytower identity OverviewWilliam Brant
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019IBM DataPower Gateway
 
Web xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutionsWeb xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutionsWebXpress
 
J75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplaceJ75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplaceNECIndia
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and CloudCA API Management
 
Oracle Blockchain Platform
Oracle Blockchain PlatformOracle Blockchain Platform
Oracle Blockchain PlatformJuarez Junior
 
The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)TISEE
 
Pres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm AntwerpenPres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm AntwerpenAlex Schoone
 
Cloud Computing For IAM Providers
Cloud Computing For IAM ProvidersCloud Computing For IAM Providers
Cloud Computing For IAM Providersguest4b81cf
 

La actualidad más candente (20)

Sify Corp Products Presentation
Sify Corp Products PresentationSify Corp Products Presentation
Sify Corp Products Presentation
 
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
 
Evolving Shared Platforms for e-Governance
Evolving Shared Platforms for e-GovernanceEvolving Shared Platforms for e-Governance
Evolving Shared Platforms for e-Governance
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile Connect
 
Magpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering OfferingMagpie Smart Grid Software Engineering Offering
Magpie Smart Grid Software Engineering Offering
 
Enterprise architecture for telecom sector
Enterprise architecture for telecom sectorEnterprise architecture for telecom sector
Enterprise architecture for telecom sector
 
Belgian public sector interoperability
Belgian public sector interoperabilityBelgian public sector interoperability
Belgian public sector interoperability
 
[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technology[IoT World Forum Webinar] Review of CMX Cisco technology
[IoT World Forum Webinar] Review of CMX Cisco technology
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPower
 
Greytower identity Overview
Greytower identity OverviewGreytower identity Overview
Greytower identity Overview
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019
 
Web xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutionsWeb xpress enterprise mobility capability and solutions
Web xpress enterprise mobility capability and solutions
 
J75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplaceJ75912 nec cloud brochure marketplace
J75912 nec cloud brochure marketplace
 
Acqueon iQ 3.0 Brochure
Acqueon iQ 3.0 BrochureAcqueon iQ 3.0 Brochure
Acqueon iQ 3.0 Brochure
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and Cloud
 
Managing API Security in SaaS and Cloud
Managing API Security in SaaS and CloudManaging API Security in SaaS and Cloud
Managing API Security in SaaS and Cloud
 
Oracle Blockchain Platform
Oracle Blockchain PlatformOracle Blockchain Platform
Oracle Blockchain Platform
 
The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)The future of online services (the cloud and personalization)
The future of online services (the cloud and personalization)
 
Pres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm AntwerpenPres Bbx Cloudstorm Antwerpen
Pres Bbx Cloudstorm Antwerpen
 
Cloud Computing For IAM Providers
Cloud Computing For IAM ProvidersCloud Computing For IAM Providers
Cloud Computing For IAM Providers
 

Similar a CIS13: More NSTIC Pilots: Scalable Privacy and Multi-factor Authentication and Attribute Exchange Network

Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decjcortley
 
Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decjcortley
 
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...Amazon Web Services
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalMauricio Godoy
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Amazon Web Services
 
Building and Operating Clouds
Building and Operating CloudsBuilding and Operating Clouds
Building and Operating CloudsBMC Software
 
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...apidays
 
Kantara Initiative - Connecting a More Trustworthy Internet
Kantara Initiative - Connecting a More Trustworthy InternetKantara Initiative - Connecting a More Trustworthy Internet
Kantara Initiative - Connecting a More Trustworthy Internetkantarainitiative
 
Monitoring and observabilty at Bolt
Monitoring and observabilty at BoltMonitoring and observabilty at Bolt
Monitoring and observabilty at BoltMoovingON
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...IBM Security
 
Platform for Secure Digital Business
Platform for Secure Digital BusinessPlatform for Secure Digital Business
Platform for Secure Digital BusinessAkana
 
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWSAmazon Web Services
 
Virtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterVirtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterDavid Resnic
 
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...Amazon Web Services
 
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...Amazon Web Services
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Amazon Web Services
 

Similar a CIS13: More NSTIC Pilots: Scalable Privacy and Multi-factor Authentication and Attribute Exchange Network (20)

Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-dec
 
Application enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-decApplication enablement webinar alcatel lucent 15-dec
Application enablement webinar alcatel lucent 15-dec
 
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_final
 
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
Migrating Single-Tenant Applications to Multi-Tenant SaaS (ARC326-R1) - AWS r...
 
Building and Operating Clouds
Building and Operating CloudsBuilding and Operating Clouds
Building and Operating Clouds
 
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...
apidays LIVE Hong Kong 2021 - Enterprise Integration Patterns for OpenAPI Ini...
 
Kantara Initiative - Connecting a More Trustworthy Internet
Kantara Initiative - Connecting a More Trustworthy InternetKantara Initiative - Connecting a More Trustworthy Internet
Kantara Initiative - Connecting a More Trustworthy Internet
 
Taw opening session
Taw opening sessionTaw opening session
Taw opening session
 
Open Banking APIs on AWS
Open Banking APIs on AWSOpen Banking APIs on AWS
Open Banking APIs on AWS
 
Monitoring and observabilty at Bolt
Monitoring and observabilty at BoltMonitoring and observabilty at Bolt
Monitoring and observabilty at Bolt
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
 
Platform for Secure Digital Business
Platform for Secure Digital BusinessPlatform for Secure Digital Business
Platform for Secure Digital Business
 
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
 
Denver ISSA Chapter Meetings - Changing the Security Paradigm
Denver ISSA Chapter Meetings - Changing the Security ParadigmDenver ISSA Chapter Meetings - Changing the Security Paradigm
Denver ISSA Chapter Meetings - Changing the Security Paradigm
 
Virtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterVirtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data Center
 
Saksoft Inc
Saksoft IncSaksoft Inc
Saksoft Inc
 
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...
Slashing Big Data Complexity: How Comcast X1 Syndicates Streaming Analytics w...
 
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...
Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS r...
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
 

Más de CloudIDSummit

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content HighlightsCloudIDSummit
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016CloudIDSummit
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CloudIDSummit
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2CloudIDSummit
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CloudIDSummit
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CloudIDSummit
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CloudIDSummit
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CloudIDSummit
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCloudIDSummit
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCloudIDSummit
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CloudIDSummit
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCloudIDSummit
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCloudIDSummit
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCloudIDSummit
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...CloudIDSummit
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCloudIDSummit
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCloudIDSummit
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCloudIDSummit
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCloudIDSummit
 

Más de CloudIDSummit (20)

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content Highlights
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean Deuby
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of Things
 

Último

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Último (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

CIS13: More NSTIC Pilots: Scalable Privacy and Multi-factor Authentication and Attribute Exchange Network

  • 1. Criterion NSTIC Pilot Presentation Ping Cloud Identity Summit – July 9, 2013 David Coxe Work described in this presentation was supported by the National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office and the National Institute of Standards and Technology (NIST). The views in this presentation do not necessarily reflect the official policies of the NIST or NSTIC, nor does mention by trade names, commercial practices, or organizations imply endorsement by the U.S. Government.
  • 2. Agenda •  Overview –  NSTIC AXN Pilots –  AXN Business Model –  Potential NSTIC Pilot Relying Parties (RPs) –  Benefits to RPs •  AXN Services Framework •  Demonstration •  Pilot Schedule •  Lessons Learned •  Summary © 2013 Criterion Systems, Inc. Proprietary and Confidential   Page 2 Attribute Exchange Network Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 3. NSTIC AXN Pilots Pilot Program Outcome: Implement a user-centric online Identity Ecosystem and demonstrate an Attribute Exchange Trust Framework using the ID Dataweb (IDW) Attribute Exchange Network (AXN) Project Approach: •  Demonstrate online attribute exchange operations and basic features of an attribute exchange trust framework –  User, AP, IdP, and RP interfaces and process/data flows –  Legal, policy, and technical interoperability, security, and scalability –  Business and market monetization models –  Assessor roles and processes Project Objectives: •  Simplify AP, RP, and IdP participation, deploy new online services and demonstrate asset monetization via the IDW AXN platform using: –  Real-time AP online verification services –  Out of band verification services – SMS to device, device IDs, Postal mail AP service - PIN code mail piece •  Live user data from commercial and government RPs •  RP billing (monthly) and AP/IdP transaction/payment statements •  Commercial contracts and Terms of Service that transition pilots to commercial operations NSTIC Pilot Use Case Scenarios: •  Basic Use Case scenarios will initially be limited to key identity attributes: Name, e-mail, Address, Telephone Number (NEAT) and sending one-time passwords via SMS to a mobile device •  Increasingly complex and advanced Use Cases will include additional attributes, interoperability between an OpenID or SAML credential, CAC/PIV card credentials, and identity linkage to end-user devices •  For each RP Use Case: Free market trial of verified attribute services for 180 days or 50,000 users, whichever occurs first © 2013 Criterion Systems, Inc. Proprietary and Confidential Page 3 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 4. The AXN Business Model and Technical Infrastructure •  Aligns business objectives of the Identity Ecosystem participants –  Overcome historical implementation barriers – everyone benefits –  Expand RP participation to efficiently service and monetize existing markets –  Create new business channels currently underserved by the Identity Ecosystem •  Enables a neutral Internet-scale credential and attribute monetization platform –  Efficient, open, competitive transaction and contractual hub –  Unencumbered by legacy business models, regulations, and technologies –  Free to users, lowers RP costs, and new market potential for IdPs and APs •  Promotes user trust, online security, and privacy protective services –  Designed to implement and positively transform the online identity ecosystem AXN Business Model Requirements Solution Affordable AXN serves as a reseller - open, competitive attribute exchange market place Neutral for User Free to Users – RP pays for credential authentication and attribute verification services to support their risk mitigation (LOA) requirements Online Attribute Verification and Claims Management Services 75% of the market cannot be efficiently serviced by the large APs; AXN creates a new AP sales channel and enhances online security Efficient online identity ecosystems Contractual and transaction hub to enable “Internet” effect IdPs, RPs, APs, and the TFP increase revenue, reduce costs, and increase trust © 2013 Criterion Systems, Inc. Proprietary and Confidential   Page 4 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 5. Page 5 The First Year NSTIC Use Cases Industry Broadridge Use Case B to C Investor CommunicationsRP Service: Fluent – Online Application Platform for Investor Communications General Electric (GE) Use Case B to C, B to B Multiple Market VerticalsRP Service: Various Service Sector Applications Corporate, Partner and Consumer Account Access DHS/FEMA (MIT Lincoln Labs) First Responder Use Case G to G, G to C First Responders First USA ServicesRP Service: Account creation and login for the First USA disaster response collaboration portal eBay Use Case B to C, C to C RetailRP Service: Retail Seller and Buyer Account Creation and Login © 2013 Criterion Systems, Inc. Proprietary and Confidential (Pending Final Approval) Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 6. © 2013 Criterion Systems, Inc. Proprietary and Confidential AXN Services Framework 6 IdP Services Credential OpenID 2.0, SAML 2.0, IMI 1.0 Protocol OAuth 2.0, SAML 2.0, Other LOA LOA 1-4 Cert/TF FICAM, OIX, Kantara, Other AP Services Attributes NEAT, SS, DOB, Gender, Corp Verification Quality Refresh Rate, Coverage, Sources, Data Types Physical Device ID, BIO, Card, Other Pricing Per Transaction, Per User Per Year, Annual License Cert/TF FICAM, OIX, Kantara, Other RP Services Enroll Business Purpose, Attribute Selection, Claims Refresh Rate, IdP & RP Selections, User Preferences, Contract LOA LOA 1-4 Admin Logs, Reporting, Billing, Contract Management Cert/TF FICAM, OIX, Kantara, Other User Services Attributes Not Stored In AXN, Self Asserted, Data Minimization PDS PII, Preferences, ABAC, Encrypted, External Store MAX User Only, Personal Control and Security, Acct Linking, Federated Access Via RP Trust Framework Provider (TFP) Identity Providers (IdP) Relying Parties (RP) Assessors & Auditors Dispute Resolvers user Attribute Providers (AP) Attribute Exchange Network (AXN) Proxy AXN Services Billing Pricing and Analytics Acct Management Service Provisioning Contracting Policy Management Marketing Transaction Management Registration Operations and Security Logs, Reporting Administration Audit User Interface Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 7. AXN Identity Federation Services - My Attribute Exchange 2.  Personal Data Services (PDS) •  User attribute data is not stored in the AXN •  PDS data is presented via MAX to create and manage RP accounts •  User-centric, privacy protective, secure, and federated •  No cost to user 1.  Credential Federation •  Verified attributes are used to create new or bind to existing user accounts 3.  User Managed Admin (UMA) Console •  Authenticated users have federated access at each RP •  Created when a user first opts in to share their verified attribute claims via the AXN with an RP •  Users can securely manage PDS attributes shared with an RP service accessed by an IdP credential •  Enables user to link and unlink multiple IdP credentials Page 7© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 8. AXN Business Services •  Credential transaction management services –  IDP authenticates user credentials as a service to RPs registered on the AXN –  RP credential requirements for a given LOA (e.g., 1 – 4), type (e.g., SAML, OpenID, IDI), and trust framework certifications •  Personal (Pii) attribute verification and claims management services –  RPs designate which Pii attributes they required from users –  User asserted, verified attributes and claims are shared with RPs with user permission –  Device ID and biometric attributes are verified as required for RP authorization transactions •  Preference attribute management services –  RPs can designate preferences to display for users when interacting with the RP service •  Attribute Based Access Control (ABAC) management services –  RPs select authoritative role-based attributes for users to assert when accessing their service •  User Managed Access (UMA) attribute services –  UMA services define how users (as resource owners) can control protected- resource access by requesting parties © 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 9. Device Attribute Verification Services •  Mobile Device Verification Services •  Users log in using a trusted mobile device registered and managed on the AXN via MAX •  Secure device ID service ensures user RP accounts can only be accessed using a trusted device •  Computer Verification Services •  Over 600 million computers with Trusted Platform Modules (TPMs) can be managed via the AXN •  Windows 8 requires TPMs on a wide range of devices from desktops to smart phones   Biometric Attribute Verification Services •  Cloud-based Voice, Retinal, Photo and Fingerprint Verification Services •  Daon, CGI, and others •  Integration with Authoritative AP Services •  e.g., driver license attributes and photos ABAC Services •  Fine-grained Policy Authorization Services •  UMA Services to Dynamically Control Access to RP Data and Services AXN Technology Roadmap Trust Elevation Services AXN Trust Elevation Services Page 9© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 10. •  AXN legal agreements –  Standardized agreements with regulatory flow down terms from IdPs and APs –  Limit PII collection to what is necessary to accomplish the specified purpose(s) –  Accountability and audit to protect PII through appropriate safeguards •  AXN as a proxy - no single service provider can gain a complete picture of a user’s activity •  The AXN data management design mitigates potential threats –  Does not create a central data store of verified user attributes –  Security and privacy enhancing technology is built into the AXN infrastructure •  Users opt-in to each control process for collection, verification, and distribution of attributes –  User Admin console for attribute and credential management –  Only the minimum necessary information is shared in a transaction (FIPPS) AXN Privacy – By Design 10 © 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 11. AXN Demonstration With Broadridge Fluent Page 11© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 12. 12   |  Copyright  2013   Broadridge  FluentSM   Fluent  is  a  communica.ons  exchange  that  centrally  manages  communica.ons   across  internal  and  external  channels  suppor.ng  customer  choice.   Fluent:   Enables  new  communica=on   channels  (approved  by  firm)     Validates  client  iden==es  across   channels   Captures  preferences  and  consents   on  behalf  of  firm  across  channels   Facilitates  distribu=on  of  content   across  consumer  channels   Ensures  security  and  regulatory   compliance   Provides  insight  into  the   effec=veness  of  communica=ons   Ensures  comprehensive  audit  trail  to   measure  compliance   BROADRIDGE FLUENT CHANNEL MGMT PREFERENCE IDENTITY INSIGHT Innova3ve  Consumer   Experience   1   2   3   4   5   6   7   FIRM Web Sites & Apps BANKING BROKERAGE MORTGAGE CREDIT CARDS E-­‐MAIL   SOCIAL   FUTURE   GLOBAL  DIGITAL  MAIL   NEWSSTANDS  /  TABLETS   FIRM  
  • 13. 13   |  Copyright  2013   The  Nature  of  Communica3ons  is  rapidly  evolving   n  Firms  con=nue  to  spend  millions  of  dollars  to  migrate  Customers  to  e-­‐delivery,  these   efforts  have  leveled  out  below  ini=al  expecta=ons   §  All  Industries  –  14%  of  transac=onal  documents  suppressed   §  With  the  excep=on  of  retail  banking,  limited  adop=on  of  firm  web  sites  (Brokerage,  Mortgage,  Credit   Cards,  …)   §  A  poor  Client  Experiences  has  been  the  primary  obstacle   n  Meanwhile  the  web  has  migrated  from  a  B  to  C  experience  to  a  C  to  B  experience,  with   new  channels  emerging  daily     n  Opportunity  costs  within  financial  services  alone  approach  $20  billion  annually  
  • 14. 2012-2014 Attribute Exchange Pilots Assess POC On Going OperationsBasic Ops Advanced Evaluate 1.  Assess     2.  Proof  of  Concept   3.  Basic  Opera3ons   4.  Advanced   5.  On  Going  Opera3ons   •  Evaluate  –  Incorporate  lessons  learned  and  repeat  WBS  element  1.0     •  Assess,  for  subsequent  Use  Case  Implementa3ons  1.0   Pilot Project Life Cycle © 2013 Criterion Systems, Inc. Proprietary and Confidential Relying  Party  Use-­‐Case  By  Task/Month Oct-­‐12 Nov-­‐12 Dec-­‐12 Jan-­‐13 Feb-­‐13 Mar-­‐13 Apr-­‐13 May-­‐13 Jun-­‐13 Jul-­‐13 Aug-­‐13 Sep-­‐13 Oct-­‐13 Nov-­‐13 Dec-­‐13 Jan-­‐14 Feb-­‐14 Mar-­‐14 Apr-­‐14 May-­‐14 Jun-­‐14 Jul-­‐14 Aug-­‐14 Sep-­‐14 Use-­‐Case  RP#1 Operation Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Broadridge Use-­‐Case  RP#2 Operation Assess Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             eBay Use-­‐Case  RP#3 Operation Graduate User  Verifications -­‐ -­‐ -­‐ -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             DHS/MIT Use-­‐Case  RP#4 Operation POC Graduate User  Verifications -­‐ -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             GE Use-­‐Case  RP#5 Operation =  Production  ready Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#6 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#7 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Use-­‐Case  RP#8 Operation Assess POC Graduate User  Verifications -­‐ -­‐ 10,000             10,000             10,000             10,000             10,000             Total  Verified  Users -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           -­‐                           20,000             40,000             40,000             50,000             50,000             40,000             20,000             30,000             20,000             30,000             20,000             20,000             10,000             10,000             400,000           Basic  Operations Basic  Operations Basic  Operations Basic  Operations Advanced Advanced Advanced Advanced Basic  Operations Advanced Advanced Project  Launch Year  1  Pilot  Project  Operations Year  2  Pilot  Project  Operations Basic  Operations Assess Assess Basic  Operations Advanced Assess POC POC Basic  Operations AdvancedPOC Line   reflecting   May 1 Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 15. Lessons Learned •  RPs are the customer, and will drive market requirements, adoption, and policy controls. •  Emerging Trust Frameworks are being driven by Communities of Interest (COI) who seek market operational efficiencies through business, legal, technical and policy interoperability. •  Credential federation requires policy changes to enable significant security, user experience (SSO and account creation), and business benefits. •  Current IdP and RP business practices do not always conform to FIPP’s, and need to be managed. •  A rigorous Privacy Evaluation Methodology (PEM) implementation resulted in significant benefits –  AXN technical and architectural enhancements –  Privacy protective enhancements as core messaging in AXN marketing strategy •  RP risk mitigation strategies (for a required LOA) lack consistency –  Emerging user-centric trust elevation technologies are scalable, cost effective and interoperable. –  Trust Marks could be used to objectively promote confidence in various combinations of authentication methods, verified user attributes, and attribute claims from device identities, biometric technologies, etc. –  It would be helpful to map these risk mitigation methods to NIST SP 800-63. Page 15© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.
  • 16. Summary •  2013 - 2014 AX initiatives will define how to… –  Protect and extend customer relationships online –  Increase revenue with existing service infrastructure through new online channels –  Manage organizational risks with cost effective solutions –  Reduce online fraud and identity theft while enhancing brand –  Improve User online experience, increase User trust and transaction volumes, and reduce related costs •  Neutral market platform for the emerging identity ecosystem •  Online attribute monetization platform – unencumbered by legacy business models, regulations and technologies Page 16© 2013 Criterion Systems, Inc. Proprietary and Confidential Criterion Systems, Inc. retains ownership of its proprietary information in this presentation.