Scalable Privacy: An NSTIC Pilot for the Identity Ecosystem
The National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative is a "White House initiative to work collaboratively with the private sector, advocacy groups and public-sector agencies" with the goal of advancing the "NSTIC vision that individuals and organizations adopt secure, efficient, easy-to-use, and interoperable identity credentials to access online services in a way that promotes confidence, privacy, choice and innovation." The Internet2 Scalable Privacy Project (ScalePriv) is one of five pilot projects to receive funding from the first round of pilot funding in September 2012. The ScalePriv Project contains several major thrusts around identity and privacy, including a focus on:
Scalable Privacy Project Overview (pdf of slide presentation)
https://spaces.at.internet2.edu/download/attachments/33099874/nstic+overview.pdf
Use Case Library
Attribute Registries, Bundles and Application Categories
A Note on Terminology
On these pages we will often group applications into application categories. It will sometimes be useful to group attributes into various attribute bundles based on their common applicability to a set of use cases. A given attribute bundle may be associated with a particular application category when the attributes in that bundle are generally required or useful for the operation of applications in that category.
- A first-cut, extremely rough and rudimentary browsable Multi-Schema Attribute Registry is under development as part of this project. The information is also available in the form of a spreadsheet and a Protégé ontology project.
- LoA Profile Registry
- Rutgers Identity Attribute Registry (PDF)
- Accessibility Support
- R&S Category Bundle from InCommon
- SWAMID Entity Categories
- The Entity Category Attribute Specification (draft-macedir-entity-attribute)
Citizen Centric Schema
Attribute Pilot
Privacy Manager
Privacy Manager Pilot
Multi-Factor Authentication
Multi-Factor Pilots
Anonymous credentials
Anonymous credentials Pilot
Reference docs
- UK Privacy Notices Code of Conduct
- Economic Tussles in Federated Identity Management: Susan Landau and Tyler Moore
- Attribute Ecosystem slides (working draft)
- Attribute Design Considerations I-D
- FTC COPPA (Children’s Online Privacy Protection Act Rule) Updates
- Multifactor Authentication References
On the utility of context in assessing privacy dimensions of online scenarios
- Reading Notes on Helen Nissenbaum's Privacy in Context:Technology, Policy, and the Integrity of Social Life
- See Andrew Cormack's reflections on how this approach does and doesn't help us in thinking through federated identity and access management contexts