U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Insights

a NIST blog

The IDESG hits a big milestone on the road to creating the Identity Ecosystem Framework

By: Jeremy Grant

Share

The Identity Ecosystem Steering Group (IDESG) has been hard at work delivering on version 1 of the Identity Ecosystem Framework (IDEF). This week, the steering group hit a major milestone: meeting a March 16th deadline for developing baseline requirements for the IDEF. While this is a big milestone for the IDESG, it also marks an important moment for private sector stakeholders interested in participating in the Identity Ecosystem (IE), since the upcoming IDEF – due out this summer – will enable individuals and organizations to start using a new generation of more secure, convenient, privacy-enhancing credentials that are interoperable across the internet.

The IDEF is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the IE. This framework ultimately provides a baseline set of standards and policies that apply to all of the IE participants. Over the last year, four IDESG committees (privacy, user experience, security, and standards)—each of which is dedicated to building parts of the IDEF—have been working toward the IDEF by developing requirements. The committees have been dutifully mapping these requirements to the IDESG functional model, which breaks down all aspects of an identity interaction. All four committees have officially submitted these requirements to the IDESG Framework Management Office, which will now work to harmonize the committees’ efforts into one cohesive deliverable.

The IDESG will soon use these requirements for its self-assessment program, set to launch this summer; organizations will be able to attest that they comply with these version 1 “baseline” functional requirements. Heading into the next phase of work, the IDESG will then determine the mechanics of how organizations will self-assess compliance.

We’re thrilled to see IDESG members hit this major milestone. This marks the fulfillment of a major goal of the NSTIC—to define what an “interoperable, easy to use, secure, and privacy-enhancing” IE really looks like. We look forward to what is next for IDESG and are proud of the tireless efforts of its staff and many great volunteers!

Follow the NSTIC NPO on Twitter for the latest updates.

Publications

About the author

Related posts

Comments

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.