February 6, 2014 Meeting page

From IDESG Wiki
Jump to navigation Jump to search

SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES

Meeting Date; February 6, 2014

Attendees (see link to attendance and quorum calculation spreadsheet File:Sec Comm Member List 20140206.xlsx)

  1. Adam Madlin
  2. Andrew Hughes
  3. Ann Racuya-Robins
  4. Art Friedman
  5. Ben Wilson
  6. Chan Lim
  7. Christopher Spottiswoode
  8. Jonathan Rosenberg
  9. Mark Wallace
  10. Ryan Galluzzo
  11. Sal D’Agostino
  12. Seetharama Durbha
  13. Steve Orrin
  14. Win Baylies


NOTES

  1. Roll call was taken
  2. Functional Model, attached to Adam’s e-mail / agenda, will be reviewed, updated by Adam following today’s meeting.
  3. Last week’s discussion – topics are proceeding, Adam will post Sal’s meeting notes. Use case selection to be discussed later today.
  4. Functional Model. Adam will present our current work Feb 26th to Trust Framework Committee, called “Draft Functional Elements”. To include schedules for
    1. Deliverables release
    2. Feedback
    3. Update
    4. Publish
    5. Review above in ~ 2 weeks
  5. Gap Analysis – 14 current use Cases will be examined using gap analysis templates (on-line wiki sources), or other gap analysis tools, for existing models – NSTIC, others, NSTIC Pilots, Daon Model, . . . etc. Art suggested the teams identify existing gap analysis tools and which ones could apply to NSTIC identity systems. For instance:
    1. InCommon Identity Assurance Package
    2. NIST 800-63
    3. 4-party Authentication
    4. Daon Componentized Services / Credential Services
    5. Ryan Galluzzo will examine these and report next week
  6. Next Steps
    1. Analysis work off-line [see list] on current Use Cases
    2. Review results
    3. Target 1st-pass review next week. Adam will write a guideline and Ryan Galluzzo will supply a template for this work.
    4. Adam will supply a Functional Model list.
    5. Check visuals against anticipated use for each functional element: are the elements in current figures sufficient? What others are needed?

USE CASE GAP ANALYSIS ASSIGNMENTS

Volunteers to examine / report on the following cases [item numbers from Wiki listing]

Use Case # Description Assignment
1 Device Integrity Supporting User Authentication Steve Orrin
2 Authenticate Person Use Case Adam Madlin
3 Identify Proofing Use Case Ben Wilson
4 Cryptographic Authentication for Access to Online Resources Chan Lin
5 Delegated Authentication for User Managed Access Sal d’Agostino
6 Credential Issuance Use Case Seetharama Durbha
7 Access Age Restricted Content Use Case Seetharama Durbha
8 Privacy Enhanced by User Agent TBD
9 Secure Anonymous Digital Identity Future
10 Trust Elevation Use Case Mark Wallace
11 Four Party Authentication and Authorization Use Case Ryan Galluzzo
12 Un and Underserved People Use Case Ann Racuya-Robins
13 Selectively Disclose Attributes Use Case Christopher Spottiswoode
14 Remote Electronic Identity Proofing Use Case Win Baylies




Quick Links: Security Committee | Functional Model | Security Committee Meeting Notes | Security Committee Content