Senior Executive Advisor for Identity Management
National Institute of Standards and Technology
The National Strategy for Trusted Identities in Cyberspace (NSTIC) is a White House initiative to work collaboratively with the private sector, advocacy groups, public sector agencies, and other organizations to improve the privacy, security, and convenience of sensitive online transactions.
The Strategy calls for the development of interoperable technology standards and policies — an "Identity Ecosystem" — where individuals, organizations, and underlying infrastructure — such as routers and servers — can be authoritatively authenticated. The goals of the Strategy are to protect individuals, businesses, and public agencies from the high costs of cyber crimes like identity theft and fraud, while simultaneously helping to ensure that the Internet continues to support innovation and a thriving marketplace of products and ideas.
The Strategy was developed with substantial input from the private sector and the public. It calls for the effort to be led by the private sector, in partnership with the federal government, consumer advocacy organizations, privacy experts, state and local agencies, and others. Organizations representing 18 different business and infrastructure sectors and 70 different nonprofit and federal advisory groups were consulted in developing the Strategy.
Establishment of an Identity Ecosystem would allow individuals to validate their identities securely when they're doing sensitive transactions (like banking or viewing health records) and let them stay anonymous when they're not (like blogging or surfing the Web). The Identity Ecosystem would protect the privacy of individuals by reducing the need for individuals to share personally identifiable information (PII) in order to identify themselves at multiple web sites and by establishing consistent policies about how organizations use and manage PII in the Identity Ecosystem.
The Department of Commerce has established a National Program Office (NPO), led by the National Institute of Standards and Technology, to coordinate the federal activities needed to implement NSTIC. The office would become the focal point to bring the public and private sectors together to meet this challenge.
The NPO works closely with the White House Cybersecurity Coordinator, Michael Daniel, and it coordinates the NSTIC implementation activities of federal agencies, including the Department of Health and Human Services, Department of Homeland Security, Department of the Treasury, General Services Administration, and Department of Veterans Affairs.