Bookmark and Share | Log in | CONTACT US | HOME | SEARCH
 
 

 Subscribe in a RSS reader Subscribe via Email

Announcing leadership of Kantara Initiative’s Identity and Access Services Work Group (IASWG)
Congratulations to John Tolbert, The Boeing Company & Gavin Illingworth, BMO Financial Group. Both gentlemen will serve as co-leading chairs for Kantara Initiative’s Identity and Access Services Work Group (IASWG).

As co-leading chairs, they received a majority of WG voting participants with all votes in favor of their appointment.  We look forward to the good work to come from this group.

You can review the currently submitted use cases to the IASWG towards their preparation for the Authorization Standards workshop at Burton Catalyst USA in San Diego July 27, 2010.

 Subscribe in a RSS reader Subscribe via Email

Kantara Initiative announces eValid8 as their first Accredited Assessor

Kantara Initiative is proud to announce eValid8 as their first Accredited Assessor for the Identity Assurance Accreditation and Certification Program.

The Identity Assurance Accreditation and Certification Program is committed to helping drive organizational interoperability in order to assure trust in the identity-based experience of end users, Relying Parties and Federation Operators. Kantara-Accredited Assessors perform Assessments of Credential Service Providers based on the Kantara Initiative Identity Assurance Framework and provide a Kantara Assessment Report (KAR) to the Kantara Initiative Assurance Review Board (ARB). The ARB then makes its recommendations to the Board of Trustees concerning the granting of Kantara-approved service status based on the KAR.

The Certification Program assesses applicants against strict criteria according to the Level of Assurance desired to be attained, and grants to candidates of the program the right to use the Kantara Initiative Mark, a symbol of trustworthy identity and credential management services at specified Assurance Levels. The results of this certification program are maintained electronically on the Kantara Initiative website in the Kantara Initiative Trust Status List, which lists both approved services and accredited assessors.

Kantara Initiative is pleased to begin work with eValid8.  The Kantara Initiative Identity Assurance Accreditation and Certification program is now accepting Credential Service Provider applications for Certification. Please address queries regarding the Identity Assurance Accreditation and Certification Program to staff[at]kantarainitiative[dot]org or via our Contact Us form.

eValid8 are a certified IT auditing firm and recognized as a leader in the field of identity management, IT auditing, privacy impact assessment, and regulatory compliance.

 Subscribe in a RSS reader Subscribe via Email

SAML 2.0 Full Matrix Test Event Registration Now Open

We are pleased to announce that registration is now open for the SAML 2.0 Full Matrix Test Event. The deadline for registration for this event is September 13, 2010.

Expanding on the highly successful Liberty Interoperable™ Program, the Kantara Initiative Interoperability Test Program is designed to certify interoperability of products and technologies across multiple identity-related protocols and standards, including SAML 2.0, InfoCard, OpenID, ID-WSF and elements of the WS-* stack (WS-Security, WS-Trust, WS-Federation).

The first Test Event scheduled to occur is the SAML 2.0 Full Matrix Test event. This event will reference the soon to come Kantara Initiative SAML 2.0 Test Plan, the eGovernment SAML Implementation Profile v2.0 and the eGovernment SAML Implementation Profile v1.5.

The test event will take place on-line starting September 20th and running through November 5th, 2010. The fee for this event is $16,000 USD. The Test Event will be operated by our partners the Drummond Group Incorporated.

Register for the event at our SAML 2.0 Test Event Registration page.

Details on the event and reference documents visit the SAML 2.0 Full Matrix Event Details page.

For answers to questions regarding the SAML 2.0 Full Matrix Test Event send us an inquiry via our Contact Us form.

By taking part in this event participants will be further assuring market trust in the interoperability of their implementations through the Kantara Initiative Interoperability Certification Program. We look forward to your inquiries and participation.

 Subscribe in a RSS reader Subscribe via Email

Kantara Initiative Overview – Secure ID podcast by J. Trent Adams
In the third part of the Regarding ID series of podcasts looking at identity standards Editor Zack Martin speaks with J. Trent Adams, chair of the Kantara Initiative Leadership Council. In his day job Adams is Outreach Specialist for the Internet Society working on Trust & Identity Initiative.

The Kantara Initiative is trying to bring unity to the various identification standards underway across the globe. Adams gives listeners an overview of what Kantara is trying to accomplish and how its getting there. Another podcast will be posted this week that discusses the certification programs that Kantara is undertaking.

You can listen to the podcast via iTunes, Aggregator, m4a, mp3.  Stay tuned for further podcasts in the series.

 Subscribe in a RSS reader Subscribe via Email

June News Round-Up

Catch the round up of recent updates from Kantara Initiative:

 Subscribe in a RSS reader Subscribe via Email

Authorization Standards Workshop at Burton Catalyst San Diego, July 27, 2010, 12:30-2:30pm
When: July 27, 2010 12:30-2:30pm, Room Aqua 304, Hilton Bayfront Hotel

Where: Burton Catalyst San Diego

Title: Authorization Standards Workshop

Abstract: As authorization generally follows authentication in a given online transaction, standardization of authorization has generally followed that of web authentication standards like SAML, WS-Federation, and OpenID. This workshop will explore developments & trends in authorization standards, including OAuth (a community initiative now being standardized within the IETF), User-Managed Access (evolving within the Kantara Initiative) and XACML (an OASIS standard). We’ll also look at some authorization use cases that may imply new requirements of these protocols. Through a combination of presentations, panels and demonstrations – we’ll explore how these existing & emerging authorization standards fit into the enterprise & social web infrastructure.

Agenda:
Welcome, Intro & Overview, Paul Madsen – 5 mins

Preso 1 - XACML 3.0 Update
It’s been more than 5 years since eXtensible Access Control Markup Language (XACML) version 2 was standardized at OASIS. In the meantime XACML has grown in popularity as a standard and the number of production XACML implementations continues to grow steadily. XACML 3.0, currently in the final stages of ratification, contains significant enhancements that will enable it to keep pace with growing enterprise demands. In this session, Gerry Gebel will describe the enhancements to version 3.0, including the SAML 2.0, Delegation and Multiple Decision Request profiles. Gerry will also provide use case samples of how new features of XACML 3.0 can be implemented.
Gerry Gebel, Axiomatics – 20 mins

Preso 2/use case - OAuth
As today’s businesses increasingly shift their processes into the cloud, a simplified set of design patterns and standards are required to harmonize the speed and compelling economics of the cloud with companies’ existing Identity management systems and processes.   Topics will include the evolution of OAuth2, and it’s applicability to enterprise use-cases for cloud authorization and API federation.
Chuck Mortimer, Product Management Director, Identity & Security, Salesforce.com – 20 mins

Break 5 mins

Preso 3/use case - IASWG overview and review of authorization use cases
Describe IASWG purpose and goals, review authorization use cases received by IASWG thus far, review Concordia AuthZ Survey results.
John Tolbert, Boeing & Gavin Illingworth, BMO – 20 mins

Preso 4/use case – OpenAz: Building and Deploying XACML PEPs for Attribute-Based Access Control
There is an increasing consensus that access control decisions should be externalized from applications or services to a policy engine implementing a PDP. To take full advantage of this model, one needs to embed PEPs in applications, middleware and services in a performant and flexible way. OpenAz (http://openliberty.org/wiki/index.php/Main_Page#OpenAz) is an open source project aimed at creating language bindings for the XACML PEP request-response protocol. A sample implementation of the Java AzApi, which implements the XACML PEP protocol, is available from the OpenAz website.
Prateek Mishra, Oracle – 20 mins

Preso 5/use case - Federation Authorization and the Cloud – Why A Pragmatic Approach is Important
Pam Dingle will discuss what organizations are doing today in the context of federation and authorization. Further he will examine what are the next pragmatic steps organizations should consider such that they can successfully implement a federated authorization model for cloud computing.
Pam Dingle, PingID – 20 mins
Closing comments 10 mins

Event details: http://www.catalyst.burtongroup.com/NA10/ConferenceElements.html

Please RSVP to Dervla O’Reilly, dervla[at]kantarainitiative[dot]org

Burton Catalyst agenda: https://burtongroup.wingateweb.com/na2010/scheduler/weekAtGlance.do

Subscribe via email

Enter your email address:

Delivered by FeedBurner

  

WIKI | Schedule | Groups | Membership | Connect | Contact Us | Home

Privacy Statement

© Copyright 2009 - Kantara Initiative. All Rights Reserved