IDTrust: Liberty Alliance Panel - PowerPoint PPT Presentation

Slides: 10
Provided by: mikemcc4

Transcript and Presenter's Notes

1
ID-Trust Liberty Alliance Panel
  • Advancing Common Levels of Trust

2
An Operational Perspective
  • Policy rules, agreements
  • Vendor product support
  • PKI and trust agreements
  • Managing the trust agreements over time: an
    operations view

3
Policy rules, agreements
  • Get aligned
  • Policy harmonization
  • Agree on definitions (NIST assurance levels, ANSI
    standards, etc.); extend / connect with
    enterprise policies
  • Extra-organizational policy
  • If possible, leverage high-level terms and
    positions on implementation issues: subscribe,
    translate, and qualify
  • Stay aligned
  • Rate of change
  • Understand the requirements of change
  • Plan for the change process
  • Backward compatibility
  • Recognize that all agents won't keep pace
  • Attempt to keep all agents subscribed
  • Risk level changes, etc.
  • Recourse and penalty
  • There will be non-compliant applications. Plan
    for it.

4
Vendor product support
  • A better dialog required
  • Requests for standards implementation
  • Application certification (interoperation)
  • Ask for instrumentation
  • Assume the need for application meta-information
    and output to analytic products

5
PKI and trust agreements
  • Ad-hoc, non-SAML, PKI federations
  • Extra-enterprise trust domains?
  • Defined by the relying-application
  • Either active or passive
  • Application level domains?
  • Defined as enterprise or extra-prise
  • Industry PKI Trust-Authorities
  • Default PKI trust-stores (appropriate?)
  • Industry Trust structures: benefits?

6
An Industry Trust Authority: Who does it help?
How?
  • Technology, Business, or both?
  • Business Process Enhancement?
  • Information Security Improvement?
  • FI Compliance Policy Improvement?
  • Customer Experience Improvement?

7
Managing the trust agreements over time: an
operations view

8
A Financial Industry Bridge Certification
Authority
  • Support growing digital certificate use in
    Financial Institutions
  • (Technology)
  • PKI has moved from a star technology to a role
    as second-clarinet in the technology orchestra
  • Digital certificates in heavier use as internet
    utilities become e-transportation network
  • Enable businesses to snap together new
    connections: less cost, new products faster
  • (Business Processes)
  • Using best / favorite certified digital
    certificate provider instead of negotiating and
    building connections for each project / service
  • Secure connections with strong, standard security
    components and protocols (Information Security
    enhancing)
  • Using FI policy approved digital certificate
    issuers, FIs reduce risk of trusting the
    un-trustworthy
  • Maintain connections with a strong policy
    framework across institutions (Policies and
    Compliance)
  • The non-technical: a policy / trust authority
    board to decide which issuer certificate
    authorities conform to FI standards and
    requirements
  • Interact with customers using strong,
    financial-Institution issued credentials
    (Customer experience)
  • Defining a trusted set of issuers with common
    issuance policies, regularly certified for use
    outside of a single institution.

9
Conclusions
  • Identify good policy: subscribe and maintain
  • Work with vendors to deliver robust
    standards-based products
  • Observe the formation of informal, undefined
    federations, not necessarily SAML
  • Bridge PKI and federation are not exactly the
    same thing
  • A federation could provide a bridge service as
    part of a federation
  • Trust agreements are not one-time static events