Date Published: October 2016
Comments Due:
Email Questions to:
Withdrawn: January 12, 2018
Author(s)
David Temoshok (NIST), Christine Abruzzi (Deloitte & Touche)
Announcement
More and more, online service providers are struggling to find secure ways of verifying that their consumers are who they say they are while, at the same time, protecting their users' privacy. Some communities and organizations, that share common user bases and transaction types, are choosing to address these challenges by allowing their users to access multiple services through common login credentials. This approach -- known as federated identity management -- enables users to access multiple online organizations and services through shared authentication processes (instead of authenticating separately to each and every service provider).
This document provides an informational look at trust frameworks and explains what they are, what their components are, and how they relate to the concept of identity federation. In Draft NISTIR 8149, Developing Trust Frameworks to Support Identity Federations, NIST aims to educate communities that are interested in pursuing federated identity management, and provide a resource for them as they create the agreements and other components that will make up their trust frameworks. It includes guidance on determining roles in an identity federation, on what to consider from a legal standpoint, and on understanding the importance of establishing and recognizing conformance. Additionally, this document is intended to standardize the language around identity federation and trust frameworks in order to promote their widespread adoption.
Submitting Comments:
Commenters are STRONGLY encouraged to publicly collaborate with the NIST team, and with other participants, via the NISTIR 8149 GitHub pages.
OR, for those of you who prefer, we have provided a PDF version of NISTIR 8149 and traditional comment matrix for your use.
All comments, regardless of how they are provided to NIST, will be made public as a GitHub "issue".
When supported by trust frameworks, identity federations provide a secure method for the leveraging of shared identity credentials across communities of similarly-focused online service providers. This document explores the concepts around trust frameworks and identity federations and provides topics to consider in their development.
When supported by trust frameworks, identity federations provide a secure method for the leveraging of shared identity credentials across communities of similarly-focused online service providers. This document explores the concepts around trust frameworks and identity federations and provides...
See full abstract
When supported by trust frameworks, identity federations provide a secure method for the leveraging of shared identity credentials across communities of similarly-focused online service providers. This document explores the concepts around trust frameworks and identity federations and provides topics to consider in their development.
Hide full abstract
Keywords
identity federation; trust frameworks; identity management; multilateral agreements; credential service providers; authentication; relying parties; secure online transactions; NSTIC; interoperability, information security; cybersecurity; identity; identity proofing
Control Families
Identification and Authentication;
Access Control;