Congratulations to Rich Furr who will serve as the new Identity Assurance WG Vice Chair.

The focus of the Identity Assurance WG is to foster the adoption of trusted on-line identity services. To advance this goal, the group will provide a forum for identifying and resolving obstacles to market and commercial acceptance that have limited broad deployment and adoption of trusted identity services thus far.

As Head, Global Regulatory Affairs, Policy & Compliance, SAFE-BioPharma, Association since September 2007, Rich is the SAFE point of contact for activities with the FDA, EMA, EU National Competent Authorities and the PMDA in Japan. He is also the liaison for ongoing activities with the other health related standards organizations such as HL7 and the Electronic Health Initiative (eHI).

Rich can be reached at rfurr[at]safe-biopharma[dot]org

Please join in welcoming Rich – we look forward to the continued work of the Identity Assurance WG.

Kantara Initiative is happy to announce the formation of the Trust Framework Meta Model Work Group (TFMM WG).

The Trust Framework Meta Model will define the components of a Trust Framework and provide a mechanism for comparing Trust Frameworks developed by communities. Also, the Trust Framework Meta Model will be a reference resource, not only within Kantara Initiative activities, but also for any community seeking to understand the Trust Framework concept and for potential use as guidance toward the development of Trust Framework components. The group will also serve as a point of convergence for Trust Framework activities within Kantara Initiative as well as for external groups (referenced under Related Work and Liaisons) so that such work will be understood in terms of placement according to the TFMM.

For more information on the TFMM WG, please visit the home page here: http://kantarainitiative.org/confluence/display/TFMMWG/Home

See the video and slide introduction and learn more about use cases and the meta model.

Join the Group: http://signup.kantarainitiative.org/?selectedGroup=29
Review the Charter: http://kantarainitiative.org/confluence/display/TFMMWG/Charter
Mail list and Archives: http://kantarainitiative.org/pipermail/wg-tfmm/
Designated IPR Policy options for operation – Option Creative Commons Attribution-Share Alike: http://kantarainitiative.org/confluence/download/attachments/2293776/Kantara+Initiative+IPR+Policies?version=1&modificationDate=1263257933000

We are happy to announce that the Federation Operator Guidelines (FOG) Version 1.0 has passed the All-Member Ballot and is now an official Kantara Initiative Recommendation.

The document provides guidelines for an identity federation operator, an entity that defines and oversees a collective of cooperating credential service providers and relying parties. If you want to get a better understanding of the FOG Recommendation, the document can be found on the Kantara Initiative site.

Congratulations to the Identity Assurance Work Group (IAWG) and it’s members for their diligent work in completing this Recommendation.  Thanks to all who voted — this is a major milestone for Kantara Initiative with more to come in 2011.

Congratulations to Frank Villavicencio and Myisha Frazier-McElveen on their elections as Co-chairs of Kantara Initiative’s Identity Assurance Work Group (IAWG).

This is an exciting time in the IAWG. As we charge forward with an aggressive 2011 agenda, we look forward to their strong leadership in working toward the common goal of accelerating Kantara’s visibility and contributions to the Identity Management / Privacy Communities.

Congratulations again to Frank and Myisha.

Join a great lineup of thought leaders & industry professionals at BrightTALK’s free, online Authentication Summit on October 7, 2010. The live, vendor-neutral, interactive webcasts will cover the new threats to authentication and the impact of emerging technologies like mobile and online banking, web applications, email, etc. They will also look into new tools to meet the new demands for user authentication, as well as best practices on finding the right balance and the appropriate level of authentication for your organization.

REGISTER: http://www.brighttalk.com/r/SHf

WHEN: Thursday, October 7, 2010, attend live online throughout the day or afterward on-demand at your convenience

TOPICS AND PRESENTERS:
“Identity Assurance in Everyday Life” – 9am PDT
Frank Villavicencio, EVP, Identropy & Chair of Kantara Initiative’s Identity Assurance Work Group

“Authentication and Strong Authentication in Web Applications”
Sylvain Maret, Authentication Evangelist & Swiss Chapter Leader, OpenID

“Identity and Access Management in the Real World: Getting it Done”
Jonathan Sandar, Identity and Security Analyst, Quest Software

“Balance between Security and Convenience”
Rachael Stockton, Principal Product Marketing Manager, RSA, The Security Division of EMC

“Privileged Access Management and the Cloud Drive Innovation”
Richard Stiennon, Chief Research Analyst, IT-Harvest

“Meeting New Demands for User Authentication”
Steven Furnell, Head of School of Computing, Plymouth University

Review the full schedule and register to attend any or all of the free summit webcasts at http://www.brighttalk.com/r/SHf

You will be able to attend any or all of the presentations, submit real-time questions to presenters, and vote in audience polls. If you are unable to attend the webcasts live, you can also view them afterward on-demand.

Kantara Initiative is proud to announce eValid8 as their first Accredited Assessor for the Identity Assurance Accreditation and Certification Program.

The Identity Assurance Accreditation and Certification Program is committed to helping drive organizational interoperability in order to assure trust in the identity-based experience of end users, Relying Parties and Federation Operators. Kantara-Accredited Assessors perform Assessments of Credential Service Providers based on the Kantara Initiative Identity Assurance Framework and provide a Kantara Assessment Report (KAR) to the Kantara Initiative Assurance Review Board (ARB). The ARB then makes its recommendations to the Board of Trustees concerning the granting of Kantara-approved service status based on the KAR.

The Certification Program assesses applicants against strict criteria according to the Level of Assurance desired to be attained, and grants to candidates of the program the right to use the Kantara Initiative Mark, a symbol of trustworthy identity and credential management services at specified Assurance Levels. The results of this certification program are maintained electronically on the Kantara Initiative website in the Kantara Initiative Trust Status List, which lists both approved services and accredited assessors.

Kantara Initiative is pleased to begin work with eValid8.  The Kantara Initiative Identity Assurance Accreditation and Certification program is now accepting Credential Service Provider applications for Certification. Please address queries regarding the Identity Assurance Accreditation and Certification Program to staff[at]kantarainitiative[dot]org or via our Contact Us form.

eValid8 are a certified IT auditing firm and recognized as a leader in the field of identity management, IT auditing, privacy impact assessment, and regulatory compliance.

The Government of Canada announced a Request For Information, titled “RFI – Secure Channel”, including a call for Accrediting External Credential Service Providers. As can be read from their release below, they are interested in the Kantara Initiative Service Assessment Criterion and Assurance Assessment Scheme and the related supporting Kantara Initiative Assurance Accreditation and Certification Program.

Respond to the RFI:

• RFI – Secure Channel.

Request for Information – Cyber Authentication Renewal
Accrediting External Credential Service Providers
March 11, 2010

Industry consultations on Cyber Authentication Renewal and IT Security Services were held on February 16 and 17, 2010, with Public Works and Government Services Canada (PWGSC) and Treasury Board Secretariat. Following that consultation session, the Government of Canada (GC) would like to inform private-sector organizations that a Request for Information (RFI) on Accrediting External Credential Service Providers is now available on MERX at this link.

The GC is investigating solutions that would allow individuals the option of using their existing credentials in order to gain online access to government programs and services. This proposed approach would provide flexibility to both departments and agencies, and to individuals who access GC services. It would allow departments and agencies to use credentials that are appropriate to the sensitivity of their service offerings, while allowing individuals to choose the credential they wish to use to access any online GC services.

The GC is considering asking external credential service providers to join its credential federation, with an accreditation framework based initially on the Kantara Initiative‘s Service Assessment Criterion and Assurance Assessment Scheme.

Industry organizations are invited to participate in this RFI in order to validate and refine the GC’s approach to electronic authentication and to provide additional information on how to solicit and accredit external credential service providers using a federated model.

Demande d’information – Le renouvellement de l’authentification électronique
Accréditation des fournisseurs externes de justificatifs d’identité
11 mars 2010

Les consultations avec l’industrie à propos du renouvellement de l’authentification électronique et les services de sécurité de TI ont eux lieux les 16 et 17 février dernier avec Travaux publics et services gouvernementaux (TPSGC) et le Secrétariat du Conseil du trésor (SCT). Afin de donner suite aux séances de consultation, le gouvernement du Canada (GC) désire informer les organisations du secteur privé qu’une demande d’information (DDI) au sujet de l’accréditation des fournisseurs externes de justificatifs d’identité est maintenant disponible sur MERX, au lien suivant.

Le GC est à la recherche de solutions qui offriraient aux utilisateurs la possibilité d’utiliser leurs justificatifs d’identité existant afin d’accéder à des services et à des programmes gouvernementaux en ligne. Cette approche proposée offrirait une plus grande flexibilité aux ministères, aux organismes et aux utilisateurs. Elle permettrait aux ministères et aux organismes d’utiliser les justificatifs d’identité appropriés en fonction de la sensibilité des services offerts tout en permettant aux utilisateurs de choisir le justificatif d’identité qu’ils veulent utiliser pour accéder à tous les services gouvernementaux en ligne.

Le gouvernement du Canada envisage de demander aux fournisseurs de justificatifs de joindre sa fédération d’authentifiant avec cadre d’accréditation basée initialement sur les Service Assessment Criterion (critères d’évaluation de service) et l’Assurance Assessment Scheme (programme d’évaluation de l’assurance) de l’initiative Kantara.

Les organisations de l’industrie sont invitées à participer à cette DDI dans le but de valider et de raffiner l’approche du gouvernement du Canada à l’égard de l’authentification électronique et de fournir des renseignements sur la manière de solliciter et d’accréditer les fournisseurs externes de services de justificatifs en utilisant un modèle fédéré.