Distributed Attributes for a Resilient Identity Ecosystem

From IDESG Wiki
Jump to navigation Jump to search

Full Title

Distributed Attributes for a Resilient Identity Ecosystem - DARIE

This is a current plan (2019-05-22) based on the original proposed charter.

Purpose

This plan supports the adoption of the IDEF Registry by enabling a wide range of identifiers and distributed sources of user attributes. The goal is a resilient identity ecosystem where users have choices and protections for their private information. The specific goals are:

  1. User have the choice to pick identifiers that they want, either under their own control or under centralized control.
  2. Relying Parties can get the level of assurance that they need for authentication the user's identifiers.
  3. The identity ecosystem will be resilient to any innovations or disruptions caused by technology or regulatory changes.
  4. Trust service providers will offer their services to users with an accessible and convenient user experience.
  5. Domain specific profiles will be encourage to enable a range of both vertical industries and horizontal user groupings.
  6. Support for adoption of the IDEF registry by maintaining the current registry an proposing changes to the IDEF guidelines when the need arises.

Scope of Work

The scope will focus on these specific areas based on the existing IDEF Registry and extensions:

  1. Continued support for the acquisition of self-attestation of the existing IDEF Registry.
  2. A developmental sandbox where developers can try out their products and lead to the adoption of specifications for app certifications.
  3. A proposal to fund a user experience metric that can be used to help users pick the services appropriate to their needs.
  4. A set of profiles for vertical industries, starting with collaboration with the Health Information Advisory group within Kantara.
  5. Documentation of a common API to be used for querying web platform attestations.

Current Proposed Work Product

  1. Sandbox example has been constructed by Tom Jones to show how Kantara might be able to provision one. See his evolving work with the emergency contact use case at http://controls.azurewebsites.net
  2. Consumer Ratings system is now in process. See this law review article from Christopher Savage just published through Stanford Law School, Managing the Ambient Trust Commons: The Economics of Online Consumer Information Privacy and inspiring a huge amount of discussion and thinking on the Project VRM list.
  3. Framework Profiles has been started but is on pause until the Health Care Profile is completed
  4. Health Care Profile is already under active development by the team. See that document for 8 use cases including the emergency contact that is in active development.
  5. Financial Profile has been started, but is still basically just a placeholder.
  6. The Trust Framework Membership Validation API which was started some time ago and will form the basis for the next stage in creating a consumer-centric trust framework.

References

  • Attestation page for a taxonomy of the service groupings. Specifically the Web Platform and Application will be considered here.