Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Launching iGov: secure and privacy-enhancing identity authentication and authorization profiles developed on an international scale

International collaboration among the public and private sectors is now expanding with the announcement of a new OpenID Foundation (OIDF) working group called the International Government Assurance Profile (iGov)—launching on October 26th at the OIDF Workshop in Mountain View, California. The iGov profile working group will develop an interoperable profile of OpenID Connect (OIDC) to allow users to authenticate and share consented attribute information in a consistent and user-centric manner. With over 10 international governments and multiple private sector organizations already participating, iGov will set the foundation for secure and privacy-enhancing authentication and authorization transactions based on common requirements from the global community. The primary objectives of developing this profile in an open forum are two-fold:
  1. Harness the collective experience and lessons learned of multiple international governments to develop a security and privacy profile that can be utilized across a range of public sector online offerings, and
  2. Obtain buy-in from private sector partners and product vendors that deliver technologies for digital identity services.
Through this collective effort, product vendors can enhance their solutions once to be internationally conformant—rather than clogging their product pipeline with multiple costly enhancements focused on satisfying one government at a time. This, in turn, reduces integration time to enable trusted identity transactions, allowing governments to accelerate the delivery of citizen-centric services. As more and more public sector services incorporate the iGov profile into their identity infrastructures, global interoperability will shift from something to which we all aspire to something that is built into the underlying fabric of identity services. The scope of the working group is to:
  • Develop a set of internationally-applicable use cases and requirements to expand the current portfolio,
  • Define a set of profiles for OAuth 2.0 and OIDC,
  • Promote progressive harmonization with existing specifications and protocols as appropriate, and
  • Support deployment architectures that are common in today’s marketplace.
To provide iterative testing and feedback along the way, Connect.Gov, the U.S. government’s shared service for privacy-enhancing authentication and attribute delivery, will pilot the iGov profile with early-adopter agencies. When the iGov profile is complete, it will be road-tested and ready to go! Objective 4.2 of the NSTIC calls for international integration of the Identity Ecosystem, and the number of governments and private sector partners actively participating in this effort is a terrific indication of the flourishing partnership of diverse stakeholders; we are one step closer to a rich ecosystem of innovative products for identity services! We already have a great group of collaborators, but we’re always looking for more active participation to make this working group as successful as possible—so please visit the newly launched iGov website to find out more about how to join. For more information, feel free to read the iGov charter and subscribe to the mailing list. You can also follow the NSTIC NPO on Twitter to get additional updates in the future.

Comments

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.