International collaboration among the public and private sectors is now expanding with the announcement of a new
OpenID Foundation (OIDF) working group called the International Government Assurance Profile (iGov)—launching on October 26
th at the
OIDF Workshop in Mountain View, California. The iGov profile working group will develop an interoperable profile of OpenID Connect (OIDC) to allow users to authenticate and share consented attribute information in a consistent and user-centric manner.
With over 10 international governments and multiple private sector organizations already participating, iGov will set the foundation for secure and privacy-enhancing authentication and authorization transactions based on common requirements from the global community. The primary objectives of developing this profile in an open forum are two-fold:
- Harness the collective experience and lessons learned of multiple international governments to develop a security and privacy profile that can be utilized across a range of public sector online offerings, and
- Obtain buy-in from private sector partners and product vendors that deliver technologies for digital identity services.
Through this collective effort, product vendors can enhance their solutions once to be internationally conformant—rather than clogging their product pipeline with multiple costly enhancements focused on satisfying one government at a time. This, in turn, reduces integration time to enable trusted identity transactions, allowing governments to accelerate the delivery of citizen-centric services. As more and more public sector services incorporate the iGov profile into their identity infrastructures, global interoperability will shift from something to which we all aspire to something that is built into the underlying fabric of identity services.
The scope of the working group is to:
- Develop a set of internationally-applicable use cases and requirements to expand the current portfolio,
- Define a set of profiles for OAuth 2.0 and OIDC,
- Promote progressive harmonization with existing specifications and protocols as appropriate, and
- Support deployment architectures that are common in today’s marketplace.
To provide iterative testing and feedback along the way,
Connect.Gov, the U.S. government’s shared service for privacy-enhancing authentication and attribute delivery, will pilot the iGov profile with early-adopter agencies. When the iGov profile is complete, it will be road-tested and ready to go!
Objective 4.2 of the NSTIC calls for international integration of the Identity Ecosystem, and the number of governments and private sector partners actively participating in this effort is a terrific indication of the flourishing partnership of diverse stakeholders; we are one step closer to a rich ecosystem of innovative products for identity services!
We already have a great group of collaborators, but we’re always looking for more active participation to make this working group as successful as possible—so please visit the newly launched
iGov website to find out more about how to join.
For more information, feel free to read the iGov
charter and subscribe to the
mailing list. You can also follow the NSTIC NPO on
Twitter to get additional updates in the future.