WASHINGTON - The National Institute of Standards and Technology (NIST) today announced a competition to award a total of approximately $10 million for pilot projects to accelerate progress toward improved systems for interoperable, trusted online credentials that go beyond simple user IDs and passwords. The competition will be managed by the NIST-hosted national program office for the National Strategy for Trusted Identities in Cyberspace (NSTIC), a White House initiative to work collaboratively with the private sector, advocacy groups, public sector agencies, and others to improve the privacy, security, and convenience of online transactions.
The NSTIC vision is for individuals and organizations to have secure, efficient, easy-to-use and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice and innovation.
"We're looking for innovative approaches that can advance the NSTIC vision and provide a foundation upon which a trusted, user-centric Identity Ecosystem can be constructed," said Jeremy Grant, NIST's senior executive advisor for identity management. "We can help to grow the online economy by enabling the advancement of promising new privacy-enhancing identity solutions – and ways to use them – that do not exist in the marketplace today."
According to the Federal Funding Opportunity (FFO) , NIST anticipates funding five to eight projects for up to two years in the range of approximately $1.25 million to $2 million per year, though proposals requesting smaller amounts may be considered. The deadline for submitting initial proposals is March 7, 2012.
The FFO cites a number of barriers that have prevented identity solutions from being widely deployed in the marketplace including:
- the need for technical standards that ensure interoperability among different identity authentication solutions;
- a lack of clarity about liabilities when something goes wrong;
- no common standards for privacy protections and data re-use; and
- issues with ease of use for some strong authentication technologies.
NIST seeks proposals that address some or all of these barriers while adhering to the four central principles guiding NSTIC; identity solutions should be privacy enhancing and voluntary, secure and resilient, interoperable, cost effective and easy to use.
For example, the FFO notes that proposals could include, but are not limited to, technologies or approaches that:
- create identity hubs to quickly validate credentials with strong authentication methods meeting agreed upon standards,
- provide incentives for consumers to use trusted authentication methods in lieu of user IDs and passwords,
- include improved ways to enhance consumer privacy, while simultaneously meeting business and security needs, or
- demonstrate interoperability across various technologies such as smart cards, one-time passwords, or digital certificates.
To apply for funding proposers must be: accredited institutions of higher education; hospitals; non-profit organizations; commercial organizations; or state, local, and Indian tribal governments located in the United States and its territories. An eligible organization may work individually or include proposed subawards or contracts with others in a project proposal, effectively forming a team or consortium.
On Feb. 15, 2012, NIST plans to host a proposer's conference from 9 a.m. to 12 noon at the Department of Commerce in Washington, D.C., to offer guidance on preparing proposals, explain criteria to be used in making awards, and answer questions from the public. The event will include a live Web cast. Participants my ask questions through Twitter and live tweets using the event hashtag, #NSTIC.
A copy of the full text of the National Strategy for Trusted Identities in Cyberspace signed by President Obama in April 2011 is available at: http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf.