We’re thrilled to announce that on January 12-13, 2016, the NSTIC National Program Office, with our colleagues here in NIST’s Information Technology Lab, will hold a technical workshop called ‘Applying Measurement Science in the Identity Ecosystem.’ Participants will collaborate about ways to measure and compare the performance of key solutions in the Identity Ecosystem, specifically:
- Strength of identity proofing, both remote and in-person;
- Strength of authentication with a focus on biometrics; and
- Attribute confidence to assist in effective authorization decision making.
This two-day event at the NIST campus in Gaithersburg, Maryland, will bring together leading security practitioners, solution providers, experts, and policy makers from across sectors. With the growth of available solutions in the market, the NPO believes it’s now time to improve the science behind identity assurance—and that the agencies and industry will benefit from better tools to measure the performance of solutions.
NIST is shifting its focus to these issues at a vital time. Last October, President Obama’s Executive Order 13681
called for multi-factor authentication and effective identity proofing processes in federal agencies’ digital services that involve personal data. Emerging technologies, like those in mobile and biometrics, are poised to be game-changers in the way we think about identity and access management. Based on these innovations, the explosion of tools and techniques in the market, and the need to remain flexible in guidelines and standards, we believe metrics are a critical element of well-informed risk decisions. By aligning risk tolerance with a measure of strength in proofing and authentication-- or attribute confidence-- agencies can determine exactly what market solutions best can meet their needs.
In the coming months we will release a series of brief white papers addressing each of the primary focus areas for the workshop. With the white papers as a starting point, stakeholders will have an opportunity to provide critical feedback at this workshop and guide our next steps—which we envision will be critical inputs to federal guidance on each of these topics as well as international standards. To make these efforts meaningful we need engagement from a diverse array of stakeholders on how measurement science and risk practices can be aligned to help mitigate the cyber threats we all face today. Bring your solutions and your insight to the table and help us improve online identity!
Stay tuned for registration information on our new NSTIC events page
and for the release of our white papers.
…and remember to follow us on Twitter