Trusted Identifiers in Cyberspace
Full Title or Meme
The core concepts as introduced by President Obama in NSTIC papers. The original "Identity" has been changed to "Identifiers" to make clear what is actually present in Cyberspace.
Context
About 7 years ago, the White House introduced The National Strategy for Trusted Identities in Cyberspace (NSTIC), an initiative collaboratively bringing together the private sector, advocacy groups, public sector agencies and other organizations to improve the privacy, security and convenience of online transactions. The Identity Ecosystem envisioned in the NSTIC is an online environment where individuals and organizations are able to trust each other because they follow agreed-upon standards to obtain and authenticate their digital identities – and the digital identities of devices.
To achieve this objective, the NSTIC established guiding principles for the creation of an Identity Ecosystem, developed with identity solutions that are:
- Privacy-enhancing and voluntary,
- Secure and Resilient,
- Interoperable and
- Cost-effective and easy to use.
These guiding principles were used as the source of the principles for the Identity Ecosystem Framework (IDEF).
Problems
The National Strategy for Trusted Identities in Cyberspace (NSTIC) tried to solve all of the problems of Privacy and Security of Identifiers with a single strategy. NIST tried to bootstrap the strategy by creating an organization that sought input from all the stakeholders in Identity in Cyberspace. As is to be expected in such a free-for-all, the resulting Identity Ecosystem Framework (IDEF) pleased no one. This page tries to narrow the problem to just getting the Identifiers right and building from there.
- The original term was Trusted Identities in Cyberspace, which directs the user here. It has since become common to use the term Identity to refer to the attributes of a real-world entity, and not to some subset of those attributes held in a user Object in cyberspace. Thus the current change in Technology nomenclature.
Solutions
The proposed solution is a hierarchy of Identifiers.
- Trusted Identifier
- Trusted Location
- Web Site URL with a trust certificate for TLS. (Alternatives to the EV Cert are now under consideration.)