Search results

• Main Page
  == The IDEF Self-Assessment Listing Service (SALS) == ...status through self-assessment with a set of common standards for reliable security, privacy, ease of use, cost savings, and user choice and declare their comm
  3 KB (506 words) - 00:00, 24 January 2020
• Credential Service Provider
  ...e their own credentials is protected storage and ask the CSP to verify the security of those credentials. ...e functions of an [electronic] Identity Proofing and Credential Management Service, either in full or as a discrete component (i.e., a sub-set of the function
  3 KB (467 words) - 01:56, 15 May 2020
• Device Integrity supporting User Authentication
  ...ish an integrity (aka health) claim for a device that, together with other security measures, is good evidence of the integrity of the information exchanged wi Integrity has two meanings in computer security. The first relates to the device not having been changed in any way since i
  12 KB (1,835 words) - 20:44, 5 November 2020
• FBCA Cross-certification Methodology 3.0
  Service Provider CAs, FCPCA, EGCA) are out of scope. The document provides a detail '''Security''': The document is an information security policy and procedures document.
  2 KB (230 words) - 23:00, 18 February 2021
• FICAM TFPAP 1.0.1
  ...non-compulsory and (5) for PII to be protected after the termination of a service. '''Security''': The document is an information security policy.
  3 KB (373 words) - 23:01, 18 February 2021
• February 2, 2016 UXC Meeting Page
  ...ion assertions from another party such as an Identity Provider, Credential Service Provider (CSP), or Trusted Broker. (Sal/Krum) ...rds that UXC is recommending. ISO 29115 has already been submitted by the Security Committee as confirmed by Mary Ellen Condon.
  4 KB (682 words) - 03:58, 28 June 2018
• February 24, 2017 VPWG Meeting Page
  ...the Social Security numbers and information as it relates to the military service of a customer. Draft legislation has been put together that covers how an o ...t access to the Social Security is the Holy Grail. Someone gets the Social Security number and then they can find out all kinds of information about the person
  7 KB (1,073 words) - 03:58, 28 June 2018
• February 26, 2015 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - '''''draft'''''== *Review security requirements. #1 through #10 discussed in earlier meetings. However, ther
  2 KB (280 words) - 03:58, 28 June 2018
• February 27, 2014 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - '''draft'''== #**Andrew - this can be an extension of Authentication service
  5 KB (753 words) - 03:58, 28 June 2018
• February 6, 2015 UXC Meeting Page
  ...? What if we created a graph and called out UXC issues around privacy and security around organizations vs individuals. ...rement. “Service providers in the ecosystem follow recognized information security standards, frameworks, and/or appropriate practices.” We could include s
  7 KB (1,070 words) - 03:58, 28 June 2018
• Four Party Authentication and Authorization Use Case
  ...number of actors involved in the process. It describes a case in which a Service Provider obtains information about a User sufficient to make an access cont ...ies and often dictates a specific authentication solution in order for the service provider to authenticate the user.
  7 KB (1,007 words) - 03:58, 28 June 2018
• Functional Requirements
  ##Credential Service Provider (CSP) (A trusted entity hosting a subset of the above roles.) (aka ###Service (silicon based life form, like a newsfeed)
  8 KB (1,315 words) - 19:29, 30 July 2020
• GGG
  <center>'''National Security Telecom Advisory Comm.(NSTAC) Report to the President on Identity Managemen <center>'''Oasis: Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0'''</center>
  845 KB (86,833 words) - 04:00, 28 June 2018
• GGG-R-Z
  <center>'''National Security Telecom Advisory Comm.(NSTAC) Report to the President on Identity Managemen <center>'''Oasis: Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0'''</center>
  135 KB (15,051 words) - 04:00, 28 June 2018
• GGG-Sources
  National Security Telecommunications Advisory Committee (NSTAC) Report to the President on Id Sample agreement between “relying party” and “credential service provider.”
  13 KB (1,562 words) - 04:00, 28 June 2018
• General IDESG Use Case
  ...ing Party (RP) role. This case is specifically designed to include general security, privacy and user experience criteria that will apply by default to all oth ...organization acting through a user agent that needs to access resources of service providers (RPs).
  5 KB (810 words) - 04:00, 28 June 2018
• Generalized Presumptive Authentication
  This design pattern assumes the use of a device connected to internet service providers as described in the [[Common to any Internet Identity Ecosystem]] ...):''' A service provider that needs a collection of claims to provide that service. The claims may relate to financial responsibility or other user attributes
  10 KB (1,596 words) - 20:11, 15 October 2019
• Glossary
  == Terms and definitions specific to the IDESG Self-Assessment Listing Service (SALS) in 2016 == ...that exists, e.g., a person, organization, device, software application or service.
  11 KB (1,758 words) - 04:00, 28 June 2018
• ICAM SAML 2.0 WB SSO Profile 1.0.2
  '''Title''': Security Assertion Markup Language (SAML) 2.0 Web Browser Single Sign-on (SSO) Profi '''Security''': The document is an information security profile. It requires IdPs and RPs to use "approved cryptographic
  2 KB (214 words) - 04:00, 28 June 2018
• IDEF Glossary
  A product, service, environment or facility which is usable by USERs with the widest range of A non-human application or service acting in the digital environment on behalf of a human USER. Synonymous wi
  11 KB (1,496 words) - 23:48, 5 September 2020
• IRS Identity Theft
  This use case helps the IRS determine whether a taxpayer's Social Security Number is being used fraudulently in a tax return. It does this by checking Internal Revenue Service, Social Security Administration, commercial tax preparation software vendors
  10 KB (1,744 words) - 17:43, 25 May 2019
• ISO/IEC 27018 Privacy in the Cloud
  ...ategories and controls that can be implemented by a public cloud computing service provider acting as a PII processor. It has the following objectives. — To help the public cloud service provider to comply with applicable obligations when acting as a PII process
  4 KB (531 words) - 04:00, 28 June 2018
• Identity
  ...private and subject to protections. A high-security pseudonymous identity service (for example a dating website) could verify attributes such as legal names
  2 KB (255 words) - 04:00, 28 June 2018
• Identity Design Patterns
  ...the benefit of the user, not solely for the benefit of the web site of the service provider. The challenge will be to find a way to fund solutions to problems ...ony]] with an Identity or Attribute Provider that has an IDESG Trustmark. (security committee priority 1)
  12 KB (1,958 words) - 17:45, 25 May 2019
• Identity Model
  ...and behaviors, while the data in the [[User Object]] held in some internet service will never contain more than a small subset of those attributes. The model ...entities is considered to be an independent browser. Web apps supplied by service providers are not fully explored in this version.
  56 KB (9,154 words) - 00:16, 30 October 2020
• Identity Modeling Introduction
  ...gram state, it reduces user errors and surprises. A good GUI provides this service. Using an interactive program is like being a doctor trying to navigate a p ...ers deserve. After all the greatest hassle for users is created when their security or privacy are breached. While interoperability is seldom raised as a user
  8 KB (1,351 words) - 21:37, 27 March 2020
• Identity Proofing Use Case
  Identity Proofing is the process by which a Credential Service Provider (CSP) and a Registration Authority (RA) collect and verify informa * Credential Service Provider.
  3 KB (328 words) - 21:41, 10 January 2020
• InCommon Glossary
  '''Security''': ...[[Public Key Infrastructure]], [[Relying Party]], [[Resource Provider]], [[Service Provider]], [[Shibboleth]], [[Sponsored Partner]], [[Support Contact]], [[T
  2 KB (205 words) - 04:01, 28 June 2018
• InCommon IAAF 1.1
  '''Security''': The document is an information security assurance framework. ...he document promotes interoperability by specifying the requirements for a service to operate at the
  2 KB (203 words) - 21:48, 10 January 2020
• InCommon IAP 1.1
  '''Security''': The document is a information security profile at OMB-04-04 levels of assurance 1 and 2. ...he document promotes interoperability by specifying the requirements for a service to operate at the
  1 KB (156 words) - 04:01, 28 June 2018
• Information Ethics and Human Capability
  ...ibilities and the parameters of those requirements and responsibilities to Service Providers in online transactions. At more detailed and granular layers as d ...rinciples and created from a bi-direction approach balancing human userand service provider requirements, desires, and benefits.
  13 KB (1,906 words) - 19:16, 2 July 2021
• Interaction Model Working Group Collaboration Space
  ...erent entities/roles (IdP, RP, User, etc.) that require different privacy, security, UX and other considerations. ...Such considerations will create a context for deriving requirements – like security requirements, UX requirements, and privacy requirements, so on.
  6 KB (888 words) - 04:01, 28 June 2018
• Interop Req 6
  Entities that act as [[IDEF Glossary THIRD PARTIES|THIRD-PARTY]] service providers for another entity, in conducting [[IDEF Glossary DIGITAL IDENTIT ...service provider. For purposes of this Requirement, the term "THIRD-PARTY service provider" refers to THIRD-PARTIES that an assessed entity outsources or del
  3 KB (451 words) - 04:01, 28 June 2018
• January 5, 2016 UXC Meeting Page
  *Standards – ISO 29115 has already been submitted by the Security Committee. **Self-Assessment Listing Service (SALS) will be up soon for examination and Sal requested that UXC review an
  3 KB (391 words) - 04:01, 28 June 2018
• July 31, 2014 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES== #**** A service provider can hold more than one role
  4 KB (608 words) - 04:02, 28 June 2018
• June 4, 2015 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - '''''draft'''''== ...and Ryan Galluzzo. The task force will bring their findings to the broader Security Committee once they are finished. Again, if anyone joins the call outside o
  3 KB (454 words) - 04:02, 28 June 2018
• Kantara Federal Privacy Criteria
  ...e''': Identity Assurance Framework: Additional Requirements for Credential Service Providers: US Federal ...ia supplement the Kantara IAF level of assurance requirements found in the Service
  848 bytes (97 words) - 00:51, 31 May 2020
• Kantara IAF 1000
  the Service Assessment Criteria (SAC), which establishes baseline criteria for general '''Security''':
  1 KB (128 words) - 04:02, 28 June 2018
• Kantara IAF 1100
  '''Security''': The document defines terms used in a security assurance framework. ...[[Security]], [[Service Assessment Criteria]], [[Signatory]], [[Specified Service]], [[Subject]], [[Subscriber]], [[Threat]], [[Token]]
  2 KB (217 words) - 04:02, 28 June 2018
• Kantara IAF 1300
  ...ments which will benefit both Kantara- accredited Assessors and Credential Service Providers having their services assessed against the IAF Service Assessment Criteria (SAC)
  1 KB (119 words) - 04:02, 28 June 2018
• Kantara IAF 1400
  '''Title''': Identity Assurance Framework: Service Assessment Criteria ...rainitiative.org/confluence/download/attachments/45057040/Kantara+IAF-1400-Service+Assessment+Criteria.pdf
  653 bytes (65 words) - 04:02, 28 June 2018
• March 12, 2015 Meeting Page
  ==SECURITY COMMITTEE NOTES - '''''draft'''''== **Final Security Requirements are due March 16.
  3 KB (478 words) - 04:02, 28 June 2018
• March 5, 2015 Meeting Page
  ==SECURITY COMMITTEE MEETING NOTES - '''''draft'''''== **Requirement #10: Outcome based requirement statement, updated to: Service provider employs secure authentication on protocols for the purpose of demo
  2 KB (325 words) - 04:02, 28 June 2018
• May 14, 2015 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES == *Process FMO Security Requirements feedback
  3 KB (448 words) - 04:02, 28 June 2018
• May 15, 2014 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES == #Security Committee officer elections
  7 KB (1,007 words) - 04:02, 28 June 2018
• May 21, 2015 Meeting Page
  ==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - '''''draft'''''== *Confirm finalized security requirements (confirmation, not detailed discussion)
  3 KB (485 words) - 04:02, 28 June 2018
• Meeting notes from June 2, 2014
  * Privacy, Security, Standards, User Experience, met to discuss requirements coordination. Furt ...rite requirements that cover material changes to services after an initial service agreement is established
  1 KB (190 words) - 04:02, 28 June 2018
• Meeting notes from October 6, 2014
  ...ng how complete/accurate/timely data is that they collect to provide their service. How do we provide guidance to companies based on risk of that transaction ...tion in the Identity Ecosystem, organizations shall, while maintaining the security of individuals’ information, transfer it upon their request and destroy i
  2 KB (278 words) - 04:02, 28 June 2018
• NIST IR 7693
  '''Category''': Security Requirements Specification '''Description''': Part of the Security Content Automation Protocol (SCAP), Asset Identification is a language for
  2 KB (204 words) - 04:02, 28 June 2018
• NIST SP 800-63-2
  '''Category''': Security Control Implementation Guide '''Security''': The document is an information security guideline. The requirements in the document are grouped into four
  4 KB (459 words) - 23:02, 18 February 2021

View (previous 50 | next 50) (20 | 50 | 100 | 250 | 500)