Usable Req 1: Difference between revisions
Mary Hodder (talk | contribs) m (→APPLIES TO ROLES: syntax) |
Mary Hodder (talk | contribs) (→APPLIES TO ROLES: syntax) |
||
| Line 34: | Line 34: | ||
=== APPLIES TO ROLES === | === APPLIES TO ROLES === | ||
[RELYING PARTIES] | [[IDEF Functional Model RELYING PARTIES|RELYING PARTIES]], | ||
2 - Identity Providers <br> | 2 - Identity Providers <br> | ||
3 - Attribute Providers <br> | 3 - Attribute Providers <br> | ||
Revision as of 13:31, 21 May 2018
<< Back to Baseline Functional Requirements Index
USABLE-1. USABILITY PRACTICES
Entities conducting digital identity management functions MUST apply user-centric design, and industry-accepted appropriate usability guidelines and practices, to the communications, interfaces, policies, data transactions, and end-to-end processes they offer, and remediate significant defects identified by their usability assessment.
SUPPLEMENTAL GUIDANCE
All user experience in a digital identity management role will conform to this requirement and other USABLE requirements.
The term "user-centric" design is a key tenet and requirement of the IDESG founding document: the National Strategy for Trusted Identities in Cyberspace (NSTIC) dated April 15, 2011. This term is further described in Appendix A and is a common term in the User Experience domain.
The term “user-centric” permeates the NSTIC Strategy (now stored at: https://obamawhitehouse.archives.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf) and the IDESG principles, dated April 15, 2011. This term is further described in Appendix A and is a common term in the User Experience domain. Besides those items related to security, privacy and interoperability, these UX items are part of the strategy:
• Transparency, the user understands the data collected and how it will be used
• Reduced Cognitive Load on the User, minimize the number of authentication factors, like passwords.
• Easy to Use by automating the user’s ability to know and change data held about them.
• Improve confidence by showing users that web sites are part of a trusted framework.
• Choice to present alternative identifiers or authentication servers to authorize access.
REFERENCES
Consult the UXC Resources page for examples of non-normative UX practices. An archived version as of October 2015 is stored at: https://workspace.idesg.org/kws/public/download.php/60/UXC-Resources.docx
Consult the UXC Dictionary page for examples of UXC definitions of terms in these requirements and supplemental guidelines, in addition to those provided in Appendix A to this document. An archived version as of October 2015 is stored at: https://workspace.idesg.org/kws/public/download.php/59/UXC-Dictionary.docx
APPLIES TO ACTIVITIES
REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
APPLIES TO ROLES
RELYING PARTIES,
2 - Identity Providers
3 - Attribute Providers
4 – Intermediaries
KEYWORDS
ASSESSMENT, DESIGN, REMEDIATION, USABILITY
Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |