Welcome to IDtrust XML.org.

This is the official community gathering place and information resource for identity and trusted infrastructure standards. The site is hosted by the OASIS IDtrust Member Section, a group that encourages new participation from developers and users. This is an open, vendor-neutral community-driven site, and the public is encouraged to contribute content. See more about this site.

Identity-Based Key Agreement Protocol for Network Layer

This paper was presented at the Sixth Conference on Security and Cryptography for Networks (SCN 2008), Amalfi, Italy. A new identity-based key agreement protocol designed to operate on the network layer is presented. Endpoint addresses, namely IP and MACaddresses, are used as public keys to authenticate the communication devices involved in a key agreement, which allows us to piggyback much of the security overhead for key management to the existing network infrastructure.

Read more

NIST Guidelines Released for Secure Use of Digital Signatures

Guidelines for secure use of approved hash algorithms have been updated by the U.S. National Institute of Standards and Technology, providing the technical specifications for the latest Federal Information Processing Standards (FIPS). NIST publications on security (including encryption and key management) have played a prominent role for many years, especially for government applications.

Read more

OASIS public review opens for Identity Metasystem Interoperability 1.0

Members of the OASIS Identity Metasystem Interoperability Technical Committee have approved a Committee Draft version of the "Identity Metasystem Interoperability Version 1.0" specification for public review. The review period extends through April 27, 2009. This specification is intended for developers and architects who wish to design identity systems and applications that interoperate using the Identity Metasystem Interoperability specification.

Read more

Heartland CEO Calls for Industry Cooperation to Fight Cyber Criminals and Adoption of End-To-End Encryption

For the past year, Carr has been a strong
advocate for industry adoption of end-to-end encryption - which
protects data at rest as well as data in motion - as an improved and
safer standard of payments security. While he believes this technology
does not wholly exist on any payments platform today, Heartland has
been working to develop this solution and is more committed than ever
to deploying it as quickly as possible.

Read more

Enterprise key management deciphered

In recent years, high-profile data breaches and identity thefts have
grabbed countless headlines. The media coverage suggests it's an
emerging problem, but unfortunately these cybercrimes and their
frequency are nothing new. Instead, what's changed are the new laws,
such as California law SB 1386, requiring organizations to notify
individuals when unencrypted personal information has been—or at least
is reasonably believed to have been—acquired by an unauthorized entity.

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I