This is the running update from the Executive Director. Have questions or comments? Suggest some added information or edits? Contact ED colin at kantarainitiative dot org.
Happy Holidays everyone and best wishes for a fruitful and fulfilling 2019!
It's New Year's eve as I write 2018's last Director's Corner on a cloudy but mild winter's day. I hope your weather - be it searing heat in Australia or freezing cold in our most northern climes - has not deterred you from having some well deserved rest, recreation and catch-up time with family and friends.
10 days ago in London, that was exactly the case, as the Gluu World Tour rolled into town and met up with Open Consent Group and other Kantara members for an extended Christmas lunch. With Kantara's 2018 Events Map with its near-on 20 events fresh in our minds, it was great to reflect on the year after having just returned from Brussels where Kantara Programs Manager Ruth and I had been been forward planning Kantara Initiative Europe's 2019 European Union H2020 grant funded NGI_Trust project with other consortia members GEANT, Fraunhofer, Tecnalia , EFIS and EDN. When the call opens in February to European-based entities, you'll see our KIPI R&D submission process re-purposed for use in Europe that, together with our deep relationship with communities doing ground-breaking work in the digital identity, access and privacy-preserving domains, is the reason Kantara was invited to join this consortium in an already highly successful call.
Reflecting on 2018 from Kantara's perspective, it has been good overall. Kantara has significantly consolidated its finances over 2017, with net membership growth despite some churn.
The KIPI R&D program has seen two projects to progress through Phase 2 (Execution), with Lockstep's MDAV project already in Phase 3 Transition to Commercialisation branded as ValIDidy while Phase 3 determination on Exponent's MOB4PACS project that uses smartphones as PIV cards with NFC and BLE has been caught in the federal government shutdown. Both of these are stunningly concepted projects capable of significant commercial exploitation for the right investment partner and I will be happy to introduce interested parties.
Kantara's other major program, the Trust Framework and Assurance program, had a busy and progressive year. Together with its Working Group steward the IAWG and its governance body the Assurance Review Board, the Service Assessment Criteria for NIST's SP 800-63-3 Digital Identity Guidelines were developed and deployed for Kantara's accredited assessors to review the compliance of identity and credential providers' services seeking Kantara's grant of Trust Mark upon systemic review and where favourable, approval. To this day, Kantara remains the only entity offering 3rd party conformity assessment and approval for this de jure internationally recognized standard, whose promulgation through the GSA FICAM program of which Kantara is an authorized Trust Framework Provider, has been thwarted significantly by federal funding cuts. Nonetheless the FICAM Trust Framework Provider community comprising InCommon, Kantara and SAFE-Biopharma have continued to operate the program for the benefit of the federal and state government without the support of the GSA. My sincere thanks and well deserved community credit goes out to the IAWG leads Ken Dagg, Scott Shorter and the Assurance Review Board comprising Ken Dagg (IAWG liaison), Tom Barton (InCommon), Jamie Bryce Clark (OASIS), Leif Johansson (SUNET), Richard Trevorah (tScheme), Nathan Faut and David Temoshok, upon whose weekly attendance and many hours of pre-meeting preparation the program depends, supported by Program Manager Ruth Puente and editor Richard Wilsher.
Mid-year Kantara absorbed the assets of the IDESG largely comprising the IDEF, the self attesting Registry, the wiki, website, committee artifacts and a small group of members and non member participants following the completion of the grant funding from NIST. While the transition into the newly established Kantara Initiative Educational Foundation operated almost seamlessly thanks in particular to the efforts of Kay Chopard Cohen, Martin Smith, Tom Jones and Kantara's Oliver Maerz, activity and forward progress has been less than anticipated, with IDESG's Healthcare Committee being the standout exception as it reformed inside Kantara's Health Identity Assurance working group under Dr Tom Sullivan's exemplary leadership, contributing matters of significant concern and importance to the community.
While on the subject of Kantara's working groups, the bulk of the activity gravitated around the Consent & Information Sharing and UMA groups. On reflection, perhaps this was not surprising given GDPR enforcement from May 25th, where both Consent Receipt v1.1 and UMA are specifications that play directly to the mitigation of these privacy and compliance risks while equally asserting the individual's sovereignty over their personal data and attributes. The development and demonstration of the interoperability potential of Kantara's Consent Receipt, and the proposed Licencing Model for UMA have piqued the interest of audiences around the globe. A special thanks the Group Leadership Jim Pasquale, John Wunderlich, Andrew Hughes, Eve Maler, Maciej Machulak respectively, along with the dedicated group of corporate members Consentua, digi.me, iWelcome, Open Consent Group, Trunomi, Ubisecure, and individual contributor volunteers Tim Reiniger, Catherine Shultern, Andi Hindle, Adrian Gropper, David Turner, Nancy Lush, Thomas, Cidgem, Domenico and the many others who supported by attending calls and contributing work. 2019 planning in these groups is well underway, whereby groups that became less active over the year as their work completes will be wound up and several new groups will be formed. Already formed a month ago is the ID Proofing and Verification Discussion Group which has enjoyed high call attendance and contributed use cases. This Group will collect Identity Proofing and Verification Use Cases from industry that will be contributed to ISO SC27 Working Group 5 Identity Management and Privacy.
So there you have it. 2018 has seen Kantara improve its financial health, refine its membership and operating procedures, grow its membership, consolidate its work groups around focussed active interest areas, acquire other consortia assets and further develop both its programs.
I think we can be proud of what we have achieved through the support and dedication of members, non member participants, active Board organizations digi.me, Experian, ForgeRock (Kantara President Allan Foster), ISOC (Kantara Secretary, Treasurer Robin Wilton), SecureKey, Leadership Council Chair Andrew Hughes whose dedication to the cause is seemingly without bounds, my near 24x7 staff (Ruth and Oliver), Virtual Inc association management staff (Megan, Bella, Joan, Joe, Rob, Tim and Tom, Bob, Madison, Mikaela and others), and all without whom we could not have made 2018 the really solid progressive year that it has been.
2019 marks Kantara's 10th anniversary and you will see recognition of it throughout the year. That is some considerable feat in the highly volatile world of industry consortia!
As I look at the 12 months ahead, with the less-than-full knowledge I possess now, I see growth everywhere in every aspect of Kantara's activity - R&D and Assurance programs, Working Groups, consortia consolidation, asset acquisition, membership and sponsorship. As next year is likely to be my last full year as your Executive Director, I want it to be a landmark year for Kantara - not just because of its 10 years and it being my last year - but because I want to see all your enthusiasm, suggestions, introductions, and volunteer contributions come to fruition and receive the accolades they richly deserve.
Next week I will be in Washington DC supporting our KIPI Program partners at the DHS S&T Cybersecurity and Innovation Showcase. I've planned to meet with as many of you as I know will be available. If you are in DC next week please just Contact us to reserve a meeting time.
It is with great pleasure that we welcome new individual member Silvia Knittl from Europe.
We also announce and thank a clutch of renewing members from the Trust Framework Operations & Assurance Program including:
- ID.me, Kantara's first service provider carrying the Kantara NIST 800-63-3 conformity assessment Trust Mark at IAL2 and AAL2, while still also retaining its NIST 800-63-2 Mark
- Verizon Synchronoss partner Zentry including renewal of the Trust Mark for its service; and
Finally, Kantara Accredited Assessor Kuma.pro, renewed for a further 12 months. Thank you KUMA!
I won't have many more opportunities this year to say a great big THANK YOU for your support this past year and, on behalf of the incredibly dedicated Kantara staff team, we look forward to serving your interests again in 2019.
Around the Houses:
- Miss something? See our press releases here.
Want to start a Kantara local chapter in your town? We are happy to help. Just Contact us.
Program, Work Group and Discussion Group Updates:
As always, our Specifications, Recommendations and Reports are available for download from our Reports and Recommendations web repository - now with frictionless access.
Not sure where to find things? Staff are only too willing to assist. Contact them via email.
Events: See them all here!