NSTIC - "Identity Ecosystem"
Issue/Topic: NSTIC – “Identity Ecosystem” (T4F)
Convener: Jim Fenton
Notes-taker(s): Bill Braithwaite
Tags for the session - technology discussed/ideas considered:
NSTIC, Identity Ecosystem, Identity Provider, Attribute Provider
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Jim described his concept of what was meant by the “Identity Ecosystem” in the June 2010 report on a “National Strategy for Trusted Identities in Cyberspace (NSTIC)”. He drew this diagram of the roles and their relationships:
The box in the diagram represents the identity ecosystem and includes APs and IdPs. The assertions of attributes about the subject required by the RP may be delivered through the IdP or in some cases directly from the AP. Different RPs may require different assertions about the same subject.
The discussion revolved around the trust relationships necessary for this system to work. Attribute Providers (AP) must be trusted by Identity Providers (IdP). Examples of trusted APs included Bank, College, Credit Bureau, and Employer. Identity Providers must be trusted by the subject, and in at least some cases by the Relying Party (RP). Examples of trusted IdPs included: Credit Bureau, Post Office, Fedex/SPS, PayPal, AARP, and Banks.