1 / 16

Kantara Initiative Privacy Framework Overview and Value Proposition

Kantara Initiative Privacy Framework Overview and Value Proposition. March 7, 2011. Kantara Initiative. Privacy and Public Policy WG Adoption Benefits Illustrative Examples Roadmap Get Involved. Kantara Initiative builds bridges. Privacy and Public Policy WG.

tarik-baldwin
Download Presentation

Kantara Initiative Privacy Framework Overview and Value Proposition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Kantara Initiative Privacy Framework Overview and Value Proposition March 7, 2011

  2. Kantara Initiative • Privacy and Public Policy WG • Adoption Benefits • Illustrative Examples • Roadmap • Get Involved Kantara Initiative builds bridges...

  3. Privacy and Public Policy WG • It is the mission of P3 that Federated profiles for enterprise and identity management build in increased accessibility, transparency, clarity, and better control over the use of personal and sensitive information online.

  4. What are the Trust Framework Real Benefits? Cost Savings - By Certifying against IAF as Trust Framework component, an organization proves they immediately satisfy a substantial set of the criteria required by other federated networks.- As Federated networks adopt IAF as operational Trust Framework component, cost savings will be greater for organizations certified against IAF.- Federation Operators may reduce their cost in defining and maintaining Identity Assurance policies and practices, thus reducing cost for constituents as well. Business Agility - An organization is able to join other IAF TF networks faster and more efficiently.- The ability to inter-federate is an added value to each IAF certified service and their respective subscribers. A Higher Standard - The IAF TF is a best of breed cross-industry standard that reflects the best known practices from a substantial cross-section of industry and government. It benefits from a large and deep pool of contributers not available in any single federated network.- Over time IAF TF will cross-pollenate other networks providing a consistently higher standard for Identity Assurance.

  5. Benefits to Adoption • Digital Identity Management (DIDM) has a great potential to increase the economic performance of the internet. • Privacy and the efficient management of information can greatly enhance the usability, security, privacy and trust of Federated use of digital identity.

  6. Currently Privacy Framework work is focused on developing a global Privacy Guidelines and Assessment Criteria for federated identity management across jurisdictions.   The effort works to address cross-jurisdictional challenges in federated identity and Internet policy through a mutli-stakeholder privacy design approach that is technology neutral. Broad Adopter Coverage

  7. Privacy and Public Policy Work Group (P3WG) advocates the development of trust frameworks to self-regulate industry practices supports the design of regulatory design that can hold accountable and enforce this self-regulation internationally. Self-Regulating Across Industries and Jurisdictions

  8. Plug-in Components As authentication, authorization, and access control need to be considered separately for each deployment of a federated identity system, the Privacy Framework workgroup at Kantara is developing guidelines on the use of common components and their use in profiles that can be used to administrate these considerations across federations.

  9. Components of the TF Pie Trust Framework at it's core has 3 components: • Policy – the Kantara Identity Assurance Framework comprises Policy criteria for certification. • Privacy – The Kantara P3WG Privacy Framework team is creating what will ultimately be a set of criteria as a baseline to apply to certifications. • Technology – Technology profiles which are applied depending upon the Level of Assurance of certification. Note: the components listed above are preliminary. Please note that other components are still under development.

  10. Basic Flow Privacy framework develops privacy guidelines and assessment criteria for the certification of profiles use in federated identity management. As federated policy and privacy is a dynamic collaboration that continuously develops over time DIDM evolves the use of digital identity for use in the physical world. Through privacy profiles applied to the development of federated ICT systems digital identity can provide incredible benefits with a lot less risk.

  11. Applied similarly toIllustrative IAF Examples: US ICAM TRUST FRAMEWORK PROVIDER REQ’S BIO-PHARMACEUTICALFEDERATION CORE CSP REQUIREMENTS FINANCIAL SERVICES NETWORK CORE REQUIREMENT SET HIGHER EDUCATIONFEDERATION CORE REQUIREMENT SET Identity Assurance Framework SAC for AL(n) – {n:1-4} IAF ADOPTION IAF PROFILES

  12. Kantara Initiative: Assurance and Interoperability Program Work Groups KANTARA INITIATIVE PROGRAMS WORK & DISCUSSION GROUP ACRONYMS: NON-CERTIFICATION CERTIFICATION • (BCTFDG) Business Cases for Trusted Federation • (eGOV) eGovernment • (EUMDG) European Use Case and Market • (FIWG) Federation Interoperability • (IOP) Interoperability INTEROPERABILITY ASSURANCE HARMONIZATION InterOp Review Board (IRB) • Certification • Demos Assurance Review Board (ARB) • Certification • Accreditation User-Centric, Jurisdiction and Vertical Based • (HIAWG) Heath Identity Assurance • (IAWG) Identity Assurance • (Info Sharing WG) Information Sharing • (P3WG) Privacy and Public Policy Consumer ID BCTF DG HIA WG eGOV IA WG Japan • (Consumer ID) Consumer Identity • (JapanWG) Japan • (Telco ID) Telecommunication Identification • (ULX) User Login Experience • (UMA) User Managed Access EUM DG InfoShare Telco ID FI WG P3 WG ULX IOP UMA

  13. Roadmap Enter roadmap TBD timeline

  14. What We Ask? • Volunteer time and effort to the P3WG to help complete the work. • Identity service organizations adopt the IAF and eventually Privacy Framework as their standard for Identity Assurance • Financial sponsorship (through membership and/or directed contributions) be made to support the continued evolution of the IAF and related programs within the Kantara Initiative Certification Program

  15. Get Involved: Join our Community Website: http://kantarainitiative.org Community Mail List: http://kantarainitiative.org/listinfo/community Identity Assurance Accreditation and Certification Program: http://kantarainitiative.org/confluence/display/Identity+Assurance+Certification Membership Documents: http://kantarainitiative.org/wordpress/membership/

  16. More Information: Accepting applications now! Visit our Assurance Certification Centerhttp://kantarainitiative.org/confluence/x/EYCYAQ Connect with Executive DirectorJoni@ieee-isto.org

More Related