events

Last December ICF Executive Director Drummond Reed spent a day in Victoria, B.C. with the identity management team in the Office of the CIO for the Province of British Columbia, including Ian Bailey, the Executive Director of Architecture and Standards, Charmaine Lowe, Director of Information Standards, and Patricia Wiebe, Senior Identity Architect. The following interview is based on many of the topics they discussed.

Q: Let’s start with the big picture: when did your office first begin to focus on identity management?

A: Back in 1996 we determined that identity management was going to be key to developing a shared services approach for the delivery of IM/IT services for government and started a program to develop a corporate identity management Technology was a real barrier for us at that point, but with the release of Windows Active Directory in 2000 we were able to consolidate most of our directories into a single centralized domain for government workers.  Also at that time we were building our first version of an authentication service to support government’s interactions with businesses and citizens, and in 2002 we started our BCeID identity provider service.  We learned a lot from those first efforts, particularly that directory centric solutions were not going to work in the long term.

Q: So you’ve been at this a long time. Overall, what are the goals of your IdM program, i.e., what’s your vision for what IdM can do for the BC government and the people of the province?

ICF will be an active participant in the OASIS IMI Interop to be held next week at the 2010 RSA Conference at the Moscone Center in San Francisco. The Interop will focus on demonstrations of the GSA ICAM IMI 1.0 Profile for use of Information Cards to U.S. government identity assurance levels.

Contributors to the ICF presence at the Interop include Avoco Secure, Azigo, the Province of British Columbia, Equifax, Meristic, Microsoft, Openinfocard, and PayPal. They will be demonstrating Information Cards, relying party sites, and selectors compatible with the GSA ICAM IMI 1.0 Profile.

The IMI Interop will be held in the OASIS booth (#2545) on the RSA show floor. The booth will be open:

• 6-8PM Monday March 1
• 11-6PM Tuesday March 2
• 11-6PM Wednesday March 3
• 11-3PM Thursday March 4

Currently IMI Interop presentations are scheduled every two hours during the day in the booth. Direct interop demonstrations will be going on continuously. We invite you to come by the booth and visit us.

ICF will also be participating in a major announcement about the establishment of new infrastructure for online identity assurance – watch for further information here.

Lastly, the ICF Board of Directors will hold a face-to-face meeting from 3-7PM on Thursday March 4 at SPUR, 654 Mission Street (two blocks from Moscone).

Bethesda, MD, USA – The first iTrust Forum, held today at the National Institute of Health (NIH) headquarters in Bethesda, MD, featured a four-part session about the U.S. government’s Open Identity for Open Government Initiative. NIH is leading government adoption of this initiative through the NIH Federated Identity Service. NIH demonstrated the first production use of open identity technologies at the iTrust Forum by showing how the Federated Identity Service now accepts logins from several of the ten OpenID and Information Card identity providers who have announced participation in the initiative.

In a separate demonstration, Don Schmidt of Microsoft showed a prototype “multi-protocol selector” – software that will enable users to do both OpenID and Information Card registration/login to websites through one simple, safe, visual interface. This will make authentication at many different websites dramatically simpler for users while at the same time providing strong protection against the main source of phishing attacks.

ICF Executive Director Drummond Reed and OpenID Foundation Executive Director Don Thibeau presented the Open Identity Framework (OIF), a new open trust framework model being developed jointly by the ICF and OIDF to solve the problem of how third-party portable identity credentials such as OpenID and Information Cards can be trusted in very large deployments, such as across the entire U.S. population and all U.S. government websites.

ICF Executive Director Drummond Reed just returned from a two-week trip to the EU. He shares the following observations:

My first stop was giving a keynote at the NordSec conference in Oslo, wonderfully organized by Dr. Audun Jøsang of the University of Oslo. The agenda was one of the richest of any conference in my recent memory; I found myself taking notes constantly on talks covering STORK, ID management based on mobile SIM cards, and privacy risks in Web 2.0, among other topics.

The day ended with a panel on “Global identity management – a threat or an opportunity for privacy?” I spoke strongly in favor of the opportunity Information Card technology offers for privacy protection, and how the U.S. government’s open identity solutions initiative is taking advantage of this. That initiative and the ICF/OIDF open trust frameworks project drew a great deal of interest among the largely EU-based audience—its potential for helping “raise the bar” on Internet privacy was one the main themes of the panel.

ICF Executive Director Drummond Reed and OpenID Foundation Executive Director Don Thibeau will present the foundation’s joint Open Trust Framework at the OASIS Identity Management 2009 conference tomorrow at the NIST headquarters in Gaithersburg, Maryland. The theme of the conference is Transparent Government: Risks, Rewards, and Repercussions.

The Open Trust Framework, summarized in the OIDF/ICF joint white paper Open Trust Frameworks for Open Government, is a mechanism that enables relying parties (the websites and services that accept open identity credentials such as OpenID or Information Cards from individuals) to verify that identity providers (the third parties providing such credentials on behalf of the individual) are certified to provide those credentials at the level of assurance (LOA) the relying party requires.

In the case of U.S. government, for example, there are four LOAs defined by NIST and the Office of Management and Budget (OMB), each with its own level of identity proofing, security, and privacy requirements. With the Open Trust Framework, U.S. government websites will be able to determine if a particular identity credential meeting the ICAM OpenID 2.0 profile or IMI Information Card 1.0 profile at a particular LOA was issued by an identity provider certified to meet the U.S. government requirements at that LOA.

Washington D.C. - At the Open Government Identity Management Solutions Privacy Workshop held today in Washington D.C., Don Thibeau, Executive Director of the OpenID Foundation, and Drummond Reed, Executive Director of the Information Card Foundation, announced a joint white paper from both foundations. Entitled Open Trust Frameworks for Open Government, the paper explains the approach both foundations are taking to enable open, Internet-scale trust networks using OpenID and Information Cards.

"Open trust frameworks are the way to bridge open identity technologies like OpenID and Information Cards with the trust requirements of large communities such as the U.S. federal government," said Mr. Reed. "They are a practical solution to enabling government agency websites and applications to accept identities from non-governmental identity providers. This reduces friction and lowers costs while at the same time increasing security and privacy."

The focus of the workshop was the privacy implications of introducing open identity technologies to federal websites. Besides Mr. Reed, speakers on this topic included:

The European e-Identity Management Association (EEMA) held its annual conference in London last week, and Information Cards were a major topic. At the opening session on Thursday, 25 June, Kim Cameron of Microsoft gave an overview of claims-based identity and the role of Information Cards in a claims-based identity metasystem. He also mentioned his new white paper, Proposal for a Common Identity Framework: A User-Centric Identity Metasystem, co-authored with Reinhard Posch (federal CIO for the Austrian government since 2001) and Kai Rannenberg (the T-Mobile Chair for Mobile Business and Multilateral Security at Goethe University Frankfurt).

The second day of the conference featured an Identity Metasystems Roundtable, moderated by John Bradley, ICF Fellow and OASIS IDtrust Steering Committee Member, Tony Nadalin of Microsoft, and Drummond Reed, ICF Executive Director. It was an in-depth discussion covering many current topics in the Information Card and IMI ecosystem, including:

The Spring 2009 Internet Identity Workshop concluded three days of intensive discussion of key Internet identity technologies last week. Following an introduction to Information Cards on the first morning by ICF Executive Director Drummond Reed, sessions on Information Card technology were held throughout the week.

Mr. Reed and Kynetx CTO Phil Windley held two sessions on action cards, the new application of Information Card technology to augmented web browsing (for more details, see the ICF white paper, The Information Card Ecosystem). Mr. Windley demonstrated how an action card rule could be written to add a real-time Twitter search to a Google search results page. "With the Kynetx Rules Language (KRL), any Information Card can be used to share user context across two or more sites in ways that provide immediate user value", said Mr. Windley.

Mr. Windley also announced that Kynetx is starting a limited beta of its developer tools program. Interested developers should contact him directly.

The Information Card Foundation is pleased to welcome the newly-formed German Language Chapter to the Foundation. The chapter facilitates activities and discussions about Information Cards among German-speaking people, primarily from Germany, Austria, and Switzerland.

The first meeting of the chapter was held this week at the European Identity Conference in Munich, and was enthusiastically attended by approximately 25 people representing at least 17 companies and organizations. 7 presentations were made about Information Card projects happening in the region.

The German Language Chapter hosts its own website at http://informationcard.de/.

Willkommen!

Kuppinger Cole, organizers of the European Identity Conference 2009 (EIC) taking place from May 5-8 in Munich, Germany, announced today that they have conferred the European Identity Award for Best New or Improved Standard to the Information Card Foundation.

The award was granted for the ICF's contribution to standardizing Information Cards as a core technology for the future of identity management. It was accepted by ICF board members Paul Trevithick, Axel Nennker, Kim Cameron, and Mike Jones, all of whom are attending the EIC.

"On behalf of the Information Card Foundation, I want to thank Kuppinger Cole and the EIC for this honor", said Drummond Reed, ICF Executive Director. "The purpose of ICF is to bring an open community together to advance Information Card standards, implementations, and practices around the world, and this is a sign we are making real progress."

Kuppinger Cole also issued every registered user of the EIC conference a managed Information Card that can be used to enter the conference portal at www.kuppingercole.com. These cards were issued using the Webcard Loyalty portal service provided by ICF member fun communications.

The EIC also hosted in the inaugural meeting of the German Chapter of the ICF. Further reporting on that meeting will be posted once the EIC has concluded.