Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The IDESG hits a big milestone on the road to creating the Identity Ecosystem Framework

The Identity Ecosystem Steering Group (IDESG) has been hard at work delivering on version 1 of the Identity Ecosystem Framework (IDEF). This week, the steering group hit a major milestone: meeting a March 16th deadline for developing baseline requirements for the IDEF. While this is a big milestone for the IDESG, it also marks an important moment for private sector stakeholders interested in participating in the Identity Ecosystem (IE), since the upcoming IDEF – due out this summer – will enable individuals and organizations to start using a new generation of more secure, convenient, privacy-enhancing credentials that are interoperable across the internet.

The IDEF is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the IE. This framework ultimately provides a baseline set of standards and policies that apply to all of the IE participants. Over the last year, four IDESG committees (privacy, user experience, security, and standards)—each of which is dedicated to building parts of the IDEF—have been working toward the IDEF by developing requirements. The committees have been dutifully mapping these requirements to the IDESG functional model, which breaks down all aspects of an identity interaction. All four committees have officially submitted these requirements to the IDESG Framework Management Office, which will now work to harmonize the committees’ efforts into one cohesive deliverable.

The IDESG will soon use these requirements for its self-assessment program, set to launch this summer; organizations will be able to attest that they comply with these version 1 “baseline” functional requirements. Heading into the next phase of work, the IDESG will then determine the mechanics of how organizations will self-assess compliance.

We’re thrilled to see IDESG members hit this major milestone. This marks the fulfillment of a major goal of the NSTIC—to define what an “interoperable, easy to use, secure, and privacy-enhancing” IE really looks like. We look forward to what is next for IDESG and are proud of the tireless efforts of its staff and many great volunteers!

Follow the NSTIC NPO on Twitter for the latest updates.

About the author

Related posts

Let’s talk about IoT device security

NIST’s Cybersecurity for the Internet of Things (IoT) Program is beginning stakeholder engagement on identifying a core set of cybersecurity capabilities

Comments

Add new comment

  • This question is for testing whether or not you are a human visitor and to prevent automated spam submissions. Image CAPTCHA
    Enter the characters shown in the image.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Posts that violate our comment policy will not be posted.