Interop Best Practice F
<< Back to Baseline Functional Requirements Index
INTEROP-BP-F. RECOMMENDED FEDERATION COMPLIANCE
When conducting digital identity management functions within an identity FEDERATION, entities SHOULD comply in all substantial respects with the published policies and system rules that explicitly are required by that FEDERATION, according to the minimum criteria set by that FEDERATION.
This best practice applies to entities that participate in a structured identity federation with published policies and system rules that apply to all participants in the federation. Entities are responsible for assessing and monitoring their own compliance with federation or system rules, except in cases where those rules provide for additional measures. This best practice only recommends that an entity confirm that they are in substantial compliance in all respects with the rules of the federation when operating within that federation.
Regarding "digital identity management functions", see Appendix A.
References for Federation policies and rules:
- InCommon Bronze/Silver Identity Assurance profile, https://www.incommon.org/docs/assurance/IAP.pdf
- Kantara Identity Assurance Framework, https://kantarainitiative.org/confluence/display/certification/Identity+Assurance+Accreditation+and+Approval+Program
- FICAM Trust Framework Provider Adoption Process, http://www.idmanagement.gov/documents/trust-framework-provider-adoption-process-tfpap-all-levels-assurance