Identity ecosystem functional model discussion guide

Identity Ecosystem Functional Model DISCUSSION GUIDE. IDESG Security Committee September 19, 2013 Adam Madlin. Today’s Agenda. NSTIC requirements Our approach Starting point functional model Identify key characteristics Next steps. DRAFT Functional Model Goals.


Identity Ecosystem Functional Model DISCUSSION GUIDE

IDESG Security Committee

September 19, 2013

Adam Madlin

Today’s Agenda

  • NSTIC requirements

  • Our approach

  • Starting point functional model

  • Identify key characteristics

  • Next steps

DRAFT Functional Model Goals

  • Create the Identity Ecosystem functional model

  • Define and differentiate IDE functional model vs. framework.

  • Support the NSTIC guiding principles

    • Privacy-enhancing and voluntary

    • Secure and resilient (includes scalability)

    • Interoperable

    • Cost-effective and easy to use

  • Phased releases to support ecosystem evolution

    • Initial release within 6 months, synchronized with initial Trust Framework release

  • Identify gaps to be addressed

  • Other Goals?

Functional Model High Level Plan

Sept 5, 2013

DRAFT High Level Plan

  • Review existing accepted functional models and catalogue them

  • Agree on overall goals

  • Identify key requirements and characteristics

  • Develop our functional model


Basic Definitions of Roles

  • Attribute Authority - An entity recognized as having the authority to verify the association of attributes to an identity.

  • Attribute Manager

  • Attribute Provider

  • Attribute Verifier

  • Credential Manager - The process of issuing, maintaining, and authenticating a credential is fulfilled by a Credential Manager.

  • Credential Service Provider (CSP) - A Credential Service Provider comprises an Identity Provider and Credential Manager.

  • Identity Proofer - An Identity Proofer verifies people’s identities before an enterprise issues them accounts and credentials.

  • Identity Provider (IdP) –

    An Identity Provider is an entity which issues identifiers to other entities.

    An entity or system that creates, maintains, and manages identity information and provides principal authentication to other service providers.

  • Intermediary – There can be an operational layer between the Identity Providers, Attribute Providers and Relying Parties in an identity ecosystem, which may be known as an Intermediary. The Intermediary may be a passive pass-through transactional layer, or it may have logic to process transactions in accordance with policy.

  • Relying Party (RP) - A Relying Party is an organization that relies on an identity validation to ensure that the individual is who they claim to be.

  • Service Provider - An organization or system that wishes to provide a commercial service (in the private sector), or is mandated to support a government entitlement (in the public sector).

FMAHG Model (based on OITF model)

Based on Kantara IAF Model

[Figure: model diagram. Recoverable labels: "may possess", Link Manager, Online Services]

Sources: Anil John, GSA TSF


NSTIC Model


Functional Model Characteristics / Requirements

  • Value add to participant as a result of existence of ecosystem

    • New added value to participant

  • Ability to federate between and among other networks

  • Widely supported

  • Interoperable

  • Scalable

  • Support NSTIC guiding principles

  • Identification – disambiguate entities within a set scope

  • E-authentication

  • Structure information sharing

  • Verification of issuer

  • Privacy protected storage of information

  • Privacy protected collection of information

  • Function for linking and matching disparate records