www oasisopen org Kantara Initiative Certification and Accreditation

  • Slides: 10
Download presentation
www. oasis-open. org Kantara Initiative: Certification and Accreditation Leveraging Existing Identity Assurance Certification and

www. oasis-open. org Kantara Initiative: Certification and Accreditation Leveraging Existing Identity Assurance Certification and Accreditation OASIS International Cloud Symposium 2012

www. oasis-open. org Kantara Initiative Overview v Supporting Privacy: Developing solutions for secure, identity

www. oasis-open. org Kantara Initiative Overview v Supporting Privacy: Developing solutions for secure, identity based, privacyrespecting online interaction v Building Trust Ensuring trusted network environments are available to support generative growth within the v Open Community Bridging various technologies and harmonizing effective solutions related to online identity 2

www. oasis-open. org Kantara Builds Bridges Focusing on trust harmonization by developing compliance criteria

www. oasis-open. org Kantara Builds Bridges Focusing on trust harmonization by developing compliance criteria based on requirements of end-users, relying parties and identity providers. Operating compliance programs for multiple solutions that fit a variety of requirements and jurisdictions. 3

www. oasis-open. org Kantara Initiative Liaisons v ISO: 2115, 29100, 29191, etc. v ITU-T:

www. oasis-open. org Kantara Initiative Liaisons v ISO: 2115, 29100, 29191, etc. v ITU-T: X. EAA, OITF v OASIS: e. Government, SAML SSTC, etc. Governments: Performing confidential and non-confidential program reviews ups request for specific international governments and government agencies. v 4

www. oasis-open. org Kantara Initiative Groups and Programs 2012 KANTARA INITIATIVE PROGRAMS COMPLIANCE and

www. oasis-open. org Kantara Initiative Groups and Programs 2012 KANTARA INITIATIVE PROGRAMS COMPLIANCE and CERTIFICATION NONCERTIFICATION WORK & DISCUSSION GROUP ACRONYMS: • (AM) Attribute Management • (BCTF) Business Cases for Trusted Federation INTEROPERABILITY ASSURANCE HARMONIZATION • (e. GOV) e. Government Interop Review Board (IRB) Assurance Review Board (ARB) • (FI) Federation Interoperability • Certification, Verification • Certification User-Centric, Jurisdiction and Vertical Based • Tools, Demos • Accreditation AMDG • (IOP) Interoperability • (HIA) Heath Identity Assurance • (IA) Identity Assurance e. Gov. WG BCTF • (Info Sharing) Information Sharing • (OSSI) Open Source Strategic Initiative e. Gov. WG HIAWG FIWG Consumer ID • (P 3) Privacy and Public Policy • (Consumer ID) Consumer Identity • (Japan) Japan • (Telco ID) Telecommunication Identification • (UMA) User Managed Access ISWG Telco ID OSSIWG P 3 WG UMAWG 5

www. oasis-open. org Kantara Certification and Accreditation v Identity Assurance Accreditation and Approval Program

www. oasis-open. org Kantara Certification and Accreditation v Identity Assurance Accreditation and Approval Program v. Identity Assurance Work Group (IAWG) Relying Parties & End-Users Input requirements in to Kantara community develops criteria for assessment Criteria for Id. P / CSP Assessment to verify Trust CSPs Id. Ps Kantara accredited assessors perform assessments 6

www. oasis-open. org Target Audience v Enable End-users (Enterprises, Governments, Verticals, Communities) to trust

www. oasis-open. org Target Audience v Enable End-users (Enterprises, Governments, Verticals, Communities) to trust credentials proofed and issued by Identity Providers / Credential Service Providers Value Proposition v v v Exponential ROI Increased security Compliance with laws, regulations, and standards Improved interoperability / user experience Elimination of redundancy Increase in protection of Personally Identifiable Information (PII) 7

Identity Assurance Framework Documents IAF 1000 - Overview of of the IAF documents and

Identity Assurance Framework Documents IAF 1000 - Overview of of the IAF documents and structure General Overviews IAF 1100 - Glossary of terms used in the IAF documents IAF 1200 – Levels of Assurance Overview in detail of the Levels of Assurance IAF 1300 – Assurance Assessment Scheme Process of how the Assurance Program operates Program Operations IAF 1400 – Service Assessment Criteria Credential Service Providers (CSPs) must prove for compliance at the different Levels of Assurance CSPs & Assessors IAF 1600 – Assessor Qualifications and Requirements Qualifications Assessors must prove to become Kantara IAF Accredited Assessors 8

• Going forward… • Identity Assurance Framework: Service component approach enabling Approval of

• Going forward… • Identity Assurance Framework: Service component approach enabling Approval of Identity Proofing and Credential Management services. Decoupling Credential from Identity (pseudonymous approach). Alignments with 800 -63. • Privacy Assessment Criteria: Building upon the Kantara US Federal Privacy Additional Criteria the Privacy and Public Policy (P 3) WG specifying audit controls applied in a Privacy Assessment. • Attribute Management (AM) Assurance: Performed landscape review of varying AM standards and development activities in Identity focused communities • Trust Frameworks Variations: Requirements determined by communities of trust and/or regulations 9

Thanks! Contact information: Kantara Executive Director: Joni Brennan joni @ kantarainitiative. org General Inquiries:

Thanks! Contact information: Kantara Executive Director: Joni Brennan joni @ kantarainitiative. org General Inquiries: support @ kantarainitiative. org

Certification and Accreditation What is Certification Accreditation AccreditationCertification and Accreditation What is Certification Accreditation Accreditation
Certification and Accreditation What is Certification Accreditation AccreditationCertification and Accreditation What is Certification Accreditation Accreditation
Certification and Accreditation What is Certification Accreditation AccreditationCertification and Accreditation What is Certification Accreditation Accreditation
Kantara Initiative Privacy Framework Overview and Value PropositionKantara Initiative Privacy Framework Overview and Value Proposition
Kantara Initiative Identity Assurance Framework Overview and ValueKantara Initiative Identity Assurance Framework Overview and Value
An Overview of Kantara Initiative Inc SUBTITLE PresenterAn Overview of Kantara Initiative Inc SUBTITLE Presenter
Kantara Initiative IAWG 800 63 3 SubGroup KickoffKantara Initiative IAWG 800 63 3 SubGroup Kickoff
Attribute Management A Kantara Initiative Discussion Group ReportAttribute Management A Kantara Initiative Discussion Group Report
Accreditation Canada Medicine Accreditation 2016 What is AccreditationAccreditation Canada Medicine Accreditation 2016 What is Accreditation