Recomendados
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (16)
Destacado
Destacado (20)
Similar a NIST Identity Standards and Technologies
Similar a NIST Identity Standards and Technologies (20)
Más de CloudIDSummit
Más de CloudIDSummit (20)
Último
Último (20)
NIST Identity Standards and Technologies
- 1. Introduction United States Department of Commerce National Institute of Standards and Technology Paul Grassi, CISSP Senior Standards and Technology Advisor, NSTIC Information Technology Laboratory 1401 Constitution Ave. NW, Rm. 2069 Washington, DC 20230 W: 202.482.8349 M: 703.786.8275 Email: paul.grassi@nist.gov Background Role @ NIST Approach
- 2. Standards and Technology Landscape Well-‐rounded pilots hi<ng diverse user set Government adop@on Market Discovery ADribute Providers Internet of Things Consumer-‐Centric Deployment Costs Standards Gaps Embedded Privacy Iden@fica@on of policy and technical overlays NSTIC Launch IDE Sustaining 2012 2013 2014 2015 Envision It!? True Interoperability
- 3. NIST Coverage in Key Identity Services Key No coverage Par@al coverage, to include other D/A documenta@on Full coverage Needs refreshing
- 4. Where We Will Focus in FY14/15 ü Codify privacy enhancing profiles ü Enhance/Establish ‘standard’ to establish confidence, trustworthiness, and privacy preserva@on (zero knowledge, derived, minimal disclosure) ü Address portability of preferred creden@als and relying party accounts ü Revisit and retool exis@ng standards to address current market state and flex to innova@on ü Develop new standards that increase IE par@cipa@on ü Increase par@cipa@on in commercial open standards ü Mobility, Cloud, Shared Services ü Simplify, accelerate, and reduce the cost of ICAM implementa@ons ü Focus beyond the PIV ü Establish RP toolkits ü Iden@fy and foster innova@on from untapped sources ü Elevate non-‐person en@@es into the forefront of the IDE/ ICAM discussion ü Non-‐intrusive security model ü Con@nuous monitoring and assessment
- 5. Identity Assurance – What would you think if? De-‐coupled proofing strength from authen@ca@on strength? NIST just measured authen@ca@on performance/strength/usability? Got rid of LOA? What else could we do to turn these docs on their head to enhance the IE? Developed private sector companion to 800-‐63?
- 6. Attributes – What Needs to Happen? Iden@fy and establish market-‐enhancing aDribute best prac@ces, guidelines, and standards to communicate the veracity and trustworthiness of aDributes to relying par@es or iden@ty and access management service or func@on. Meta-‐ ADribute Confidence/ Assurance Liability Security and Privacy Governance Exchange Informs Dependent Standards Performance Metrics Risk Tolerance Market ADribute Registries Focal
- 7. The Need for a Privacy Profile BrokerAuthen@ca@on Request Authen@ca@on Request Response + Encrypted ADributes Double Blind Architecture Relying Party CSP User Consent ADribute Provider Response + Encrypted ADributes 1 CSP/AP can’t know the RP 2 Broker can’t see the a?ributes 3 Standard and Protocol AgnosBc 4 RP can’t know CSP 5 Minimal Changes to Infrastructure (but we may soJen this requirement)
- 8. Contact Information United States Department of Commerce National Institute of Standards and Technology Paul Grassi, CISSP Senior Standards and Technology Advisor, NSTIC Information Technology Laboratory 1401 Constitution Ave. NW, Rm. 2069 Washington, DC 20230 W: 202.482.8349 M: 703.786.8275 Email: paul.grassi@nist.gov