1 / 10

Kantara Initiative: Certification and Accreditation

www.oasis-open.org. Kantara Initiative: Certification and Accreditation. Leveraging Existing Identity Assurance Certification and Accreditation OASIS International Cloud Symposium 2012. www.oasis-open.org. Kantara Initiative Overview Supporting Privacy:

chynna
Download Presentation

Kantara Initiative: Certification and Accreditation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. www.oasis-open.org Kantara Initiative: Certification and Accreditation Leveraging Existing Identity Assurance Certification and Accreditation OASIS International Cloud Symposium 2012

  2. www.oasis-open.org Kantara Initiative Overview • Supporting Privacy: • Developing solutions for secure, identity based, privacy-respecting online interaction • Building Trust • Ensuring trusted network environments are available to support generative growth within the • Open Community • Bridging various technologies and harmonizing effective solutions related to online identity 2

  3. www.oasis-open.org Focusing on trustharmonization by developing compliance criteria based on requirements of end-users, relying parties and identity providers. Operating compliance programs for multiple solutionsthat fit a variety of requirements and jurisdictions. Kantara Builds Bridges 3

  4. www.oasis-open.org Kantara Initiative Liaisons • ISO: 2115, 29100, 29191, etc. • ITU-T: X.EAA, OITF • OASIS: eGovernment, SAML SSTC, etc. • Governments: Performing confidential and non-confidential program reviews ups request for specific international governments and government agencies. 4

  5. www.oasis-open.org Kantara Initiative Groups and Programs 2012 KANTARA INITIATIVE PROGRAMS WORK & DISCUSSION GROUP ACRONYMS: NON-CERTIFICATION COMPLIANCE and CERTIFICATION • (AM) Attribute Management • (BCTF) Business Cases for Trusted Federation • (eGOV) eGovernment • (FI) Federation Interoperability • (IOP) Interoperability INTEROPERABILITY ASSURANCE HARMONIZATION Interop Review Board (IRB) • Certification, Verification • Tools, Demos Assurance Review Board (ARB) • Certification • Accreditation User-Centric, Jurisdiction and Vertical Based AMDG • (HIA) Heath Identity Assurance • (IA) Identity Assurance • (Info Sharing) Information Sharing • (OSSI) Open Source Strategic Initiative • (P3) Privacy and Public Policy eGovWG BCTF HIAWG eGovWG Consumer ID • (Consumer ID) Consumer Identity • (Japan) Japan • (Telco ID) Telecommunication Identification • (UMA) User Managed Access IAWG Japan FIWG ISWG Telco ID OSSIWG P3WG UMAWG 5

  6. www.oasis-open.org Kantara Certification and Accreditation • Identity Assurance Accreditation and Approval Program • Identity Assurance Work Group (IAWG) Input requirements in to Kantara Relying Parties & End-Users Criteria for IdP / CSP Assessment to verify Trust Kantara community develops criteria for assessment Trust Kantara accredited assessors perform assessments CSPs IdPs 6 6

  7. www.oasis-open.org • Target Audience • Enable End-users (Enterprises, Governments, Verticals, Communities) to trust credentials proofed and issued by Identity Providers / Credential Service Providers • Value Proposition • Exponential ROI • Increased security • Compliance with laws, regulations, and standards • Improved interoperability / user experience • Elimination of redundancy • Increase in protection of Personally Identifiable Information (PII)Source: http://www.idmanagement.gov/pages.cfm/page/IDManagement-library 7

  8. Identity Assurance Framework Documents GeneralOverviews ProgramOperations CSPs& Assessors Assessors 8

  9. Going forward… • Identity Assurance Framework:Service component approach enabling Approval of Identity Proofing and Credential Management services. Decoupling Credential from Identity (pseudonymous approach). Alignments with 800-63. • Privacy Assessment Criteria:Building upon the Kantara US Federal Privacy Additional Criteria the Privacy and Public Policy (P3) WG specifying audit controls applied in a Privacy Assessment. • Attribute Management (AM) Assurance:Performed landscape review of varying AM standards and development activities in Identity focused communities • Trust Frameworks Variations: Requirements determined by communities of trust and/or regulations 9

  10. Thanks! Contact information: Kantara Executive Director: Joni Brennan joni @ kantarainitiative.org General Inquiries: support @ kantarainitiative.org

More Related