Assurance Review Board

The Assurance Review Board (ARB) is the operational authoritative body of the Kantara Identity Assurance Framework (KIAF). The ARB is responsible for the day-to-day management and operation of the KIAF. Its principal functions are the accepting and reviewing of applications for Approval and for Accreditation. The ARB multistakeholder membership maintain confidentiality and impartiality throughout the lifecycle of the evaluation process and subject to NDA and recusal policies in the case of conflict of interest. Learn more: ARB Charter


(ARB Chair) Leif Johansson, Advisor, Office of the CEO SUNET – Leif Johansson leads the Kantara Initiative Assurance Review Board. His day job is spent working on identity management, strategy and business development for SUNET and various identity federations including He is actively engaged in several organizations that work for the good of the Internet including IETF, Kantara Initiative & OASIS. He serves on the board of directors for Netnod – the operator of i-root and the leading IX in northern Europe.


Richard Trevorah, Technical Manager for tScheme Limited – gained his degree in ‘Computing Science’ in 1978 and has worked for nearly forty years in the IT industry. Richard currently works as an independent consultant – primarily with tScheme but also in the payments industry and, more generally, advising on electronic signatures. Through tScheme, Richard has worked with a number of UK Government departments on Identity Management projects and, in particular, is working with GDS on establishing the standards & certification processes within the Identity Assurance program. Richard was also involved in the International Collaborative Identity Management Forum, an initiative of the Aerospace & Defence industries, to try and establish a reference standard for employee authentication that can be used as a baseline in sensitive, multi-national projects. He also helped define and support the trust mechanism to be used by the European Payments Council to support electronic mandates across the Single European Payments Area.


Incommon/Internet 2

Tom Barton is retired from the University of Chicago, where he was Chief Information Security Officer and Senior Director for Architecture, Integration, and Security. He continues as a contractor for Internet2 working in the intersection of federation, research enablement, and security. He had a prior role at the University of Memphis as Director of IT Infrastructure, and was originally a member of the mathematics faculty there before turning to administration. He’s a member of the Internet2/InCommon CTAB governance group, chairs the REFEDS Sirtfi Working Group, and created and formerly led the Internet2 Grouper project.

Auditor representative

Name withheld by request

NIST representative

Name withheld by request