THE CHALLENGES OF THIRD-PARTY IDENTITY CREDENTIALS & WHY A TRUSTED IDENTITY REGISTRY IS NEEDED
A Registry for Online Trust
Don Thibeau
Chairman & President
© by Open Identity Exchange, 2014
Four Problems Plague Trusted Transactions
…
… “Four Horsemen of the Identity Apocalypse”
• Governance systems that are transparent in the service of trusted transactions in the “zero-trust” internet ecosystem
• Liability is the legal enforcement and assignment of the duties of all actors in an identity system for the protection of all stakeholders
• Certification options that are responsive to the speed, scale and dynamism of the internet
• Adoption of a community of interest’s business, legal and technical interoperability requirements
Markets grow when there is trust between stakeholders, making transactions reliable and repeatable
Trusted identity systems need leverage
How do we leverage trusted identity systems?
Listings leverage identity data
Directories automate discovery
Exchanges grow markets
Registries build trust
Even dogs have registries!
There is no registry for trusted identity systems.
is building
Registries build trust
enable interoperability
increase the volume and velocity of trusted transactions
And accelerate market growth
How does it work?
OIXnet Pilot
Symantec providing a secure, trusted, scalable platform for conformance testing, self-certification and registration.
OIX announces the pilot of the OIXnet registry and the first self-certifications of OpenID Connect.
Google, Microsoft, Ping Identity and Salesforce to be the first to self-certify to the OpenID Connect standard and to be registered at the OIXnet pilot
Pilot Registration Flow
Registration Requirements
FAQ & Terms of Service
Approve?
YES: Registration Approval Package
NO: Registration Denial
Information Needed “To Be Trusted”
COIs are solely responsible for business, legal and technical requirements
Information Needed “To Be Registered”
OIX is solely responsible for business, legal and technical requirements
ACCESS LAYER
GOVERNANCE LAYER
Manual/Automated Discovery
Pilot Phase: Listing Service -- Future: Automated Discovery
Building OIXnet
Testing Self-Certification and Registration
Focusing on near-term, low cost, agile use-cases e.g. OpenID Connect
Investing in legal research focused on liability in the OIXnet registry model
Adapting Registry Models for OIXnet
• CA Browser Forum
• Cloud Security Alliance Star Registry
• U.S.-EU Safe Harbor
• IDESG Trust Framework and Trustmark Committee
• Liberty Alliance Project
Piloting Registry Business, Legal and Technical Mechanisms
Partnering with COIs and e.g. OpenID Foundation and others
Partnering with industry, government and academic leaders
… “Four Horsemen of the Identity Apocalypse”
• Governance: the full transparency of all COI and OIX business, legal and technical requirements builds trust
• Liability: COI + OIXnet TOS agreements clearly assign and enforce all duties of all actors in an identity system
• Certification: self-certification + registration responds to the speed, scale and dynamism of internet identity
• Adoption: OIXnet removes friction and speeds the discovery of a COI’s business, legal and technical requirements
Why OIX?
Global Cross-Sector Leadership
Data Aggregators
Enterprise
Technology
Consulting Services
Banking
Government
Telcos
Join OIX’s work to build trust in internet identity. Shape the future of trusted transactions online.
Don Thibeau
Chairman | Open Identity Exchange