New ‘rules of the road’ for ID management aim to get past password


Written by

The Identity Ecosystem Steering Group, a public-private partnership with the goal of moving past the password as the guarantor of online identity, Tuesday released the first iteration of its flagship plan to create a more secure digital environment.

The roadmap, called the Identity Ecosystem Framework Version 1, seeks to set the nation on a path toward adopting more secure techniques for issuing and maintaining credentials, as outlined in the National Institute of Standards and Technology’s National Strategy for Trusted Identities in Cyberspace. The strategy’s goal is “helping individuals and organizations utilize secure, efficient, easy-to-use and interoperable identity credentials to access online services in a manner that promotes confidence, privacy, choice and innovation,” according to NIST’s website.

“Never before have industry, educational institutions, government agencies, non-profit organizations and consumers come together to create a trusted identity framework to protect their online identity transactions,” states the IDEF V.1. “Working alongside one another in the IDESG, their efforts serve as the foundation for the Identity Ecosystem.”

IDEF V.1 has three components: the functional model, scoping statement and baseline requirements. Each addresses a specific part of the identity management quandary, spanning from issues like third-party authentication and credential uniqueness to recovery and re-issuance. By delving into the issues at the heart of identity management, IDESG hopes to establish a set of best practices across the board for industry and government alike.

“Today is a great day for the Identity Ecosystem,” said Kimberly Little Sutherland, IDESG plenary chairwoman and senior director of identity management strategy, in a release. “We’re in the middle of an identity revolution — organizations and consumers are online conducting transactions and all face risks to their identity, security and privacy. Until now, there have been few clear ways to step forward and make things better. That all changes today.”

-In this Story-

Commerce Department, Cybersecurity, Departments, IDEF, identity and access management (IAM), Identity Ecosystem, IDESG, National Institute of Standards and Technology (NIST), National Strategy for Trusted Identities in Cyberspace, Tech, The Identity Ecosystem Steering Group