This page is ARCHIVED. Please visit https://www.nist.gov/identity-access-management for current information on NIST’s Identity and Access Management work.
NIST’s approach to digital identity focuses on achieving an environment in which individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.
The drive toward this vision focuses on two high-level goals of government and commercial adoption through the advancement of foundational activities in standards, technology, and measurement science. To achieve these, NIST employs four primary tactics: partnerships, publications, market intelligence, and communications.
Catalyzing the marketplace, filling gaps, and improving the future
The pilots program seeds the marketplace with trusted digital identity solutions to accelerate the growth of privacy-enhancing, secure, interoperable, and convenient solutions. The pilots develop and deploy technology, models, and frameworks that wouldn’t otherwise exist in the marketplace. The pilots program’s cross-market use cases have catalyzed and scaled solutions for protecting children’s online privacy, improving veterans’ access to benefits, and securing patients and providers’ access to electronic health records.
Laying the foundation for a vibrant identity ecosystem
The Identity Ecosystem Framework (IDEF) is a set of core documents laying the groundwork for better digital identity transactions. Developed by the private-sector led Identity Ecosystem Steering Group (IDESG), version 1 of the IDEF represents three core documents that describe the Identity Ecosystem and the requirements, best practices, and approved standards needed to be considered in compliance with it. The IDEF serves as the foundation for the IDEF Registry, which enables businesses and organizations to identify trusted digital identity service providers and more easily adopt trusted identity solutions. For more information on the IDESG, the IDEF, and the IDEF Registry, visit the IDESG’s website.
NIST publishes formal documents, whitepapers, and informal communications to share progress, seek feedback via public comment periods, and recap workshops and other events.
Check out all of the TIG publications.
An Introduction to Privacy Engineering and Risk Management in Federal Systems (NISTIR 8062) | PDF
NIST identifies, collects, and analyzes metrics to gain greater insight into the development and adoption of trusted digital identity solutions. This work aids NIST in measuring the market shift toward these solutions and honing efforts moving forward so that NIST most effectively uses program resources. NIST is using market intelligence to keep up with the pulse of the market and to hone efforts in transitioning from addressing broad challenges to specific gaps and impediments in the market.
User perceptions in digital identity | more
NIST leverages external communications to inform the public about its work and engage a variety of audiences to collaborate on projects. NIST also coordinates communications internally to align efforts and maximize the impact of NIST’s investment in cybersecurity initiatives.
Check out the I Think, Therefore IAM blog.
The TIG is sharing primers on a variety of identity-related topics, focusing on knowledge-sharing and public awareness. Please check back soon for more!
What's multi-factor authentication (MFA)? | more
Coffee Chat with Michael Kaiser, Executive Director, National Cyber Security Alliance | more
Six Small Cybersecurity Steps You Should Take. Today. | more