Building Identity Trust Federations Conference Call
September 15, 2010
1) In Attendance
- Chad Grant (NASCIO)
- Michael Hodges (University of Hawaii)
- Ken Klingenstein (Internet2/InCommon)
- George Laskaris (NJ Edge)
- Rodney Petersen (EDUCAUSE)
- Todd Piket (Minnesota State Colleges & Universities)
- Mark Scheible (NCSU)
- Garret Sern (EDUCAUSE)
- Michael Trullinger (California State University)
- Valerie Vogel (EDUCAUSE)
- Ann West (Internet2/InCommon)
2) Introduction - George Laskaris
- This community collaboration group meets on the third Wednesday each month to explore the building of federations within and across state boundaries. The calls are open to anyone who takes an interest in this area. This effort is supported by EDUCAUSE, Internet2, and InCommon.
- The group holds monthly calls to learn from each other and share experiences about what has (or hasn't) worked. The wiki provides additional information and previous meeting minutes: https://spaces.at.internet2.edu/display/USFederations/Building+Identity+Trust+Federations.
3) Overview of the Digital Identity Working Group at NASCIO (Chad Grant, Policy Analyst)
- This month's call featured Chad Grant, Policy Analyst, NASCIO (National Association for State CIO's). Chad was invited to provide an overview of the progress the State Digital Identity Working Group has made, as well as other NASCIO initiatives.
- 46 states are currently suffering from budget shortfalls, with $53 billion less revenue going to the states. State CIOs ranked their IT priorities and IDM was #9 out of 10.
- National framework for interoperability is one of NASCIO's goals. Creating a federated identity model is key. They want to create a consolidated approach and are currently looking at how to address implementation barriers.
- States need extremely high levels of identity assurance. May see a reduction in cost for federal and state governments as they try to break down silos between federal and state.
- NASCIO has created a Digital Identity Working Group, which started with a workshop in Baltimore, MD for state CIO's and a few others. The first step is an educational campaign for NASCIO membership. The group is also working on a roadmap (from a state perspective) and will issue a draft at their annual conference. They're reaching out to others like EDUCAUSE, MS-ISAC, ABA Federated Identity Management Legal Task Force, and others to find use cases, examples of business drivers, etc. They're getting a good understanding of what else is out there, while continuing to educate members.
- They requested funding from DHS, but were unable to get it for 2010. DC wants to do a pilot on digital identity issues and NASCIO is in the running.
- 2010 elections is another focus for NASCIO this year.
- There is a digital Identity briefing coming up on September 26.
- Doing some outreach - Fletcher did a panel on digital identity recently.
- The Digital Identity Working Group calls are open to anyone.
- The group is trying to get a briefing from one of the major writers of the National Strategy for Trusted Identities in Cyberspace (NSTIC). Rodney noted that he just found out the strategy won't come out until Jan. 2011, but they'll be doing some briefings in October as an update. Everyone agreed it's a good idea to coordinate our two groups for one of the briefings.
- FICAM has some use cases on a federal level. Now the NASCIO working group is in the process of creating SICAM for the state level and developing use cases more relevant to the state.
- Active states: California, Illinois (PKI), Colorado, DC (DC One card), Delaware.
- Ken noted that we work closely with Identity, Credential, and Access Management (ICAM), particularly in the privacy space.
- There have been conversations about access control and attributes. Although the group is mostly talking about IDM right now, they know that these are important issues, as well.
- There have been more general discussions around using OpenID to get government services, but the NASCIO working group hasn't really discussed OpenID too much. They're discussing more of the technical architecture and falling in line with the FICAM document (from a state perspective).
- Chad (email@example.com) has offered to provide this group with the state use cases as soon as possible.