Difference between revisions of "Trusted Identifiers in Cyberspace"

From MgmtWiki
Jump to: navigation, search
(Full Title or Meme)
(References)
 
(5 intermediate revisions by the same user not shown)
Line 17: Line 17:
 
==Problems==
 
==Problems==
 
The National Strategy for Trusted Identities in Cyberspace (NSTIC) tried to solve all of the problems of [[Privacy]] and [[Security]] if [[Identifier]]s with a single strategy. NIST tried to bootstrap the strategy by creating an organization that sought input from all the stakeholders in [[Identity]] in Cyberspace. As is to be expected in such a free-for-all the resulting Identity Ecosystem Framework {IDEF} pleased no one. This page tries to narrow the problem to just getting the [[Identifier]]s right and building from there.
 
The National Strategy for Trusted Identities in Cyberspace (NSTIC) tried to solve all of the problems of [[Privacy]] and [[Security]] if [[Identifier]]s with a single strategy. NIST tried to bootstrap the strategy by creating an organization that sought input from all the stakeholders in [[Identity]] in Cyberspace. As is to be expected in such a free-for-all the resulting Identity Ecosystem Framework {IDEF} pleased no one. This page tries to narrow the problem to just getting the [[Identifier]]s right and building from there.
 +
 +
* The original term was Trusted Identities in Cyberspace, which directs the user here. Since it has become common to use the term Identity to reference that attributes of a real-world entity and not some subset collection of those attributes held in a [[user Object]] in cyberspace. Thus the current change in Technology nomenclature.
 +
 
==Solutions==
 
==Solutions==
 
The proposed solution is a hierarchy of [[Identifier]]s.
 
The proposed solution is a hierarchy of [[Identifier]]s.
 
*[[Trusted Identifier]]
 
*[[Trusted Identifier]]
 
*[[Trusted Location]]
 
*[[Trusted Location]]
*Web Site URL with a trust certificate for [[TLS]].
+
*Web Site URL with a trust certificate for [[TLS]]. (Alternates to the [[EV Cert]] are now under consideration.)
  
 
==References==
 
==References==
Line 27: Line 30:
 
[[Category:Identifier]]
 
[[Category:Identifier]]
 
[[Category:Trust]]
 
[[Category:Trust]]
 +
[[Category:Profile]]
 +
[[Category: Assurance]]

Latest revision as of 12:56, 3 September 2021

Full Title or Meme

The core concepts as introduced by President Obama in NSTIC papers. The original "Identity" has been changed to "Identifiers" to make clear what is actually present in Cyberspace.

Context

About 7 years ago, the White House introduced The National Strategy for Trusted Identities in Cyberspace (NSTIC), an initiative collaboratively bringing together the private sector, advocacy groups, public sector agencies and other organizations to improve the privacy, security and convenience of online transactions. The Identity Ecosystem envisioned in the NSTIC is an online environment where individuals and organizations are able to trust each other because they follow agreed-upon standards to obtain and authenticate their digital identities – and the digital identities of devices.

To achieve this objective, the NSTIC established guiding principles for the creation of an Identity Ecosystem, developed with identity solutions that are:

  1. Privacy-enhancing and voluntary,
  2. Secure and Resilient,
  3. Interoperable and
  4. Cost-effective and easy to use.

Problems

The National Strategy for Trusted Identities in Cyberspace (NSTIC) tried to solve all of the problems of Privacy and Security if Identifiers with a single strategy. NIST tried to bootstrap the strategy by creating an organization that sought input from all the stakeholders in Identity in Cyberspace. As is to be expected in such a free-for-all the resulting Identity Ecosystem Framework {IDEF} pleased no one. This page tries to narrow the problem to just getting the Identifiers right and building from there.

  • The original term was Trusted Identities in Cyberspace, which directs the user here. Since it has become common to use the term Identity to reference that attributes of a real-world entity and not some subset collection of those attributes held in a user Object in cyberspace. Thus the current change in Technology nomenclature.

Solutions

The proposed solution is a hierarchy of Identifiers.

References