Scalable Privacy: An NSTIC Pilot for the Identity Ecosystem
The National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative is a "White House initiative to work collaboratively with the private sector, advocacy groups and public-sector agencies" with the goal of advancing the "NSTIC vision that individuals and organizations adopt secure, efficient, easy-to-use, and interoperable identity credentials to access online services in a way that promotes confidence, privacy, choice and innovation." The Internet2 Scalable Privacy Project (ScalePriv) is one of five pilot projects to receive funding from the first round of pilot funding in September 2012. The ScalePriv Project contains several major thrusts around identity and privacy, including a focus on:
- Promoting the adoption of Multi-factor Authentication (MFA) across Higher Education institutions
- Attribute ecosystem development: Attribute Registries, Bundles and Application Categories
- Citizen-centric Schema
- Privacy Manager
- Anonymous credentials
Scalable Privacy Project Overview (pdf of slide presentation)
Use Case Library
Key focus areas of the ScalePriv Project
Multi-Factor Authentication
Attribute Registries, Bundles and Application Categories
| Info | ||
|---|---|---|
| ||
On these pages we will often group applications into application categories. It will sometimes be useful to group attributes into various attribute bundles based on their common applicability to a set of use cases. A given attribute bundle may be associated with a particular application category when the attributes in that bundle are generally required or useful for the operation of applications in that category. |
- A first-cut, extremely rough and rudimentary browsable Multi-Schema Attribute Registry is under development as part of this project. The information is also available in the form of a spreadsheet and a Protégé ontology project.
- LoA Profile Registry
- Rutgers Identity Attribute Registry (PDF)
- Accessibility Support
- R&S Category Bundle from InCommon
- SWAMID Entity Categories
- The Entity Category Attribute Specification (draft-macedir-entity-attribute)
Citizen Centric Schema
Privacy Manager
Privacy Manager Pilot
Anonymous credentials
Reference docs
This is a collection of documents that are useful background and/or resources for the full range of ScalePriv project activities.
- UK Privacy Notices Code of Conduct
- Economic Tussles in Federated Identity Management: Susan Landau and Tyler Moore
- Attribute Ecosystem slides (working draft)
- Attribute Design Considerations I-D
- FTC COPPA (Children’s Online Privacy Protection Act Rule) Updates
- Multifactor Authentication References
On the utility of context in assessing privacy dimensions of online scenarios
- Reading Notes on Helen Nissenbaum's Privacy in Context:Technology, Policy, and the Integrity of Social Life
- See Andrew Cormack's reflections on how this approach does and doesn't help us in thinking through federated identity and access management contexts