Omaerz: 27 revisions imported: Initial Upload of old pages from IDESG Wiki

2018-06-28T03:00:53Z

27 revisions imported: Initial Upload of old pages from IDESG Wiki

New page

Below is the list of the titles of each of the Requirements and Best Practices comprising the IDEF Baseline Functional Requirements v1.0. Each title on this page provides a link to a separate page on this website (wiki) containing the text of the item. 

Additional commentary and supplemental material is in development and will be linked to each requirement page. In the requirement text: (a) Short titles for each item are included for indexing and ease of reading, but are not considered normative. (b) Certain words are CAPITALIZED for ease of review and identifying specific roles, but that capitalization is not considered normative.

A formal printed version of these same Requirements as approved, with IDESG logos, can be downloaded from: 
https://workspace.idesg.org/kws/public/download/442/IDEF-Baseline-Requirement-v1.0-with-Supplemental-Guidance.pdf

== Scope ==
The [http://www.nist.gov/nstic National Strategy for Trusted Identities in Cyberspace (NSTIC)] envisions widespread, trusted identity exchanges using federated methods that are secure, interoperable, privacy-enhancing and easy to use. Realization of that vision will require companies, agencies and individuals to perform at a new level. The Requirements are our first step towards that goal, by describing a set of functions that parties must be able to fulfill, and a set of criteria for assessing those capabilities.

The Requirements are an informed step forward in privacy, security, interoperability and usability based on the work of the IDESG's diverse membership of practitioners expert in their respective fields.

Identity Ecosystem stakeholders can use the Requirements to identify and measure capabilities and services today and identify others to implement. [http://www.idesg.org IDESG]'s Identity Ecosystem Framework (IDEF) includes guidance, listing and self-reporting facilities, in its [http://www.IDEFRegistry.org IDEF Registry]. The IDEF Registry supports reporting by identity service providers of their self-assessments. IDESG plans include an option to expand this program to also accommodate third-party certification, based on execution of the initial listing and IDESG’s outreach, activities and stakeholder input.

== Interpretation ==

IDESG has approved and provided a [[IDEF_Glossary|Glossary of Terms]] for the IDEF program, and a list of [[APPENDIX A-Defined Terms|certain definitions]], linked below. Defined terms that are used in these Requirements are hyperlinked, in the Requirement text displayed in this wiki, to the relevant definitions.

== Requirements ==
=== Interoperability ===
[[Interop Req 1|INTEROP-1. THIRD PARTY AUTHENTICATION]] 
[[Interop Req 2|INTEROP-2. THIRD PARTY CREDENTIALS]] 
[[Interop Req 3|INTEROP-3. STANDARDIZED CREDENTIALS]] 
[[Interop Req 4|INTEROP-4. STANDARDIZED DATA EXCHANGES]] 
[[Interop Req 5|INTEROP-5. DOCUMENTED PROCESSES]] 
[[Interop Req 6|INTEROP-6. THIRD-PARTY COMPLIANCE]] 
[[Interop Req 7|INTEROP-7. USER REDRESS]] 
[[Interop Req 8|INTEROP-8. ACCOUNTABILITY]] 

=== Privacy ===
[[Privacy Req 1|PRIVACY-1. DATA MINIMIZATION]] 
[[Privacy Req 2|PRIVACY-2. PURPOSE LIMITATION]] 
[[Privacy Req 3|PRIVACY-3. ATTRIBUTE MINIMIZATION]] 
[[Privacy Req 4|PRIVACY-4. CREDENTIAL LIMITATION]] 
[[Privacy Req 5|PRIVACY-5. DATA AGGREGATION RISK]] 
[[Privacy Req 6|PRIVACY-6. USAGE NOTICE]] 
[[Privacy Req 7|PRIVACY-7. USER DATA CONTROL]] 
[[Privacy Req 8|PRIVACY-8. THIRD-PARTY LIMITATIONS]] 
[[Privacy Req 9|PRIVACY-9. USER NOTICE OF CHANGES]] 
[[Privacy Req 10|PRIVACY-10. USER OPTION TO DECLINE]] 
[[Privacy Req 11|PRIVACY-11. OPTIONAL INFORMATION]] 
[[Privacy Req 12|PRIVACY-12. ANONYMITY]] 
[[Privacy Req 13|PRIVACY-13. CONTROLS PROPORTIONATE TO RISK]] 
[[Privacy Req 14|PRIVACY-14. DATA RETENTION AND DISPOSAL]] 
[[Privacy Req 15|PRIVACY-15. ATTRIBUTE SEGREGATION]] 

=== Security ===
[[Secure Req 1|SECURE-1. SECURITY PRACTICES]] 
[[Secure Req 2|SECURE-2. DATA INTEGRITY]] 
[[Secure Req 3|SECURE-3. CREDENTIAL REPRODUCTION]] 
[[Secure Req 4|SECURE-4. CREDENTIAL PROTECTION]] 
[[Secure Req 5|SECURE-5. CREDENTIAL ISSUANCE]] 
[[Secure Req 6|SECURE-6. CREDENTIAL UNIQUENESS]] 
[[Secure Req 7|SECURE-7. TOKEN CONTROL]] 
[[Secure Req 8|SECURE-8. MULTIFACTOR AUTHENTICATION]] 
[[Secure Req 9|SECURE-9. AUTHENTICATION RISK ASSESSMENT]] 
[[Secure Req 10|SECURE-10. UPTIME]] 
[[Secure Req 11|SECURE-11. KEY MANAGEMENT]] 
[[Secure Req 12|SECURE-12. RECOVERY AND REISSUANCE]] 
[[Secure Req 13|SECURE-13. REVOCATION]] 
[[Secure Req 14|SECURE-14. SECURITY LOGS]] 
[[Secure Req 15|SECURE-15. SECURITY AUDITS]] 

=== Usability ===
[[Usable Req 1|USABLE-1. USABILITY PRACTICES]] 
[[Usable Req 2|USABLE-2. USABILITY ASSESSMENT]] 
[[Usable Req 3|USABLE-3. PLAIN LANGUAGE]] 
[[Usable Req 4|USABLE-4. NAVIGATION]] 
[[Usable Req 5|USABLE-5. ACCESSIBILITY]] 
[[Usable Req 6|USABLE-6. USABILITY FEEDBACK]] 
[[Usable Req 7|USABLE-7. USER REQUIREMENTS]] 

== Best Practices and Potential Future Requirements ==

[[Interop Best Practice A|INTEROP-BP-A. RECOMMENDED PORTABILITY]] 
[[Interop Best Practice B|INTEROP-BP-B. RECOMMENDED EXCHANGE STANDARDS]] 
[[Interop Best Practice C|INTEROP-BP-C. RECOMMENDED TAXONOMY STANDARDS]] 
[[Interop Best Practice D|INTEROP-BP-D. RECOMMENDED PROCESS MODELS]] 
[[Interop Best Practice E|INTEROP-BP-E. RECOMMENDED MODULARITY]] 
[[Interop Best Practice F|INTEROP-BP-F. RECOMMENDED FEDERATION COMPLIANCE]] 
[[Interop Best Practice G|INTEROP-BP-G. RECOMMENDED LEGAL COMPLIANCE]] 
[[Privacy Best Practice A|PRIVACY-BP-A. RECOMMENDED QUALITY CONTROLS]] 
[[Privacy Best Practice B|PRIVACY-BP-B. RECOMMENDED TECHNOLOGY ENFORCEMENT]] 
[[Privacy Best Practice C|PRIVACY-BP-C. RECOMMENDED CONSEQUENCES OF DECLINING]] 
[[Usable Best Practice A|USABLE-BP-A. RECOMMENDED ATTRIBUTE REQUIREMENTS QUERY]] 

== Defined Terms ==

{| class="wikitable"
|>> ||''Forward to:''|| [[IDEF_Glossary]]
|-
|>> || ||
[[APPENDIX A-Defined Terms]]
|}

Baseline Functional Requirements v1.0 - Revision history

Omaerz: 27 revisions imported: Initial Upload of old pages from IDESG Wiki