RSA Conference week is always a whirlwind. NIST was there front and center last month, and we learned a lot, shared a lot, and made a big announcement during the festivities…
We were excited to announce that NIST’s DRAFT Identity and Access Management Roadmap was released for public comment on Friday, April 14th and that the comment period will be extended to June 16th.
What is the Roadmap?
The Roadmap provides a consolidated view of NIST’s planned identity efforts over the coming years and serves as a vehicle to communicate our priorities. It provides guiding principles, strategic objectives, aligns NIST efforts with nationally-defined priorities, and supports long-term planning of identity and access management (IAM) initiatives. It covers a diverse array of projects including biometric technology evaluation, Mobile Driver’s License, and fraud detection using Privacy Enhancing Technology. It also integrates teams and disciplines from across NIST.
What are NIST’s IAM Guiding Principles?
In addition to communicating strategic priorities, we are using the roadmap to reinforce the core values that define our efforts. These are represented by five guiding principles that will be imbued in our work, whether it be via guidance, research, or reference implementations:
Taken together, these principles are intended to set the conditions for responsible innovation - the idea of driving towards new technologies and solutions in a manner that is informed by the broader impacts associated with technological change.
What are NIST’s Strategic Objectives?
The Roadmap highlights eight strategic objectives – with numerous planned supporting activities that NIST intends to explore in the coming years:
Each of these objectives are multi-year in nature, with expected collaboration between and across government, academia, and industry— which NIST considers a critically important part of the process (and ultimately, necessary for success). Projects in support of these objectives will run the spectrum from foundational, pre-standardization research to full National Cybersecurity Center of Excellence (NCCoE) Practice Guides (basically, our “how to” resources).
How can I get involved?
You can start by commenting on the roadmap! We published it to gain feedback from the broadest possible spectrum of interested parties. So…please read it, send it to a friend, pass it around your community, and send us your thoughts! To submit your comments email us at digital_identity [at] nist.gov (digital_identity[at]nist[dot]gov) by June 16th, 2023.
You can also follow our work on the IAM Program page, join one of our Communities of Interest at the NCCoE (such as the one for Digital Identities - Mobile Driver’s License), attend our events, or comment on our guidance. For those of you attending Identiverse we will be giving a presentation covering the roadmap with a specific emphasis on our mDL, PIV Modernization, and international interoperability efforts. We look forward to hearing and learning from you all along the way.