Diff for Authentication frameworks

Thu, 11/15/2007 - 22:38 by Stephen.WilsonMon, 04/15/2013 - 18:49 by jmarquez
Changes to Body
Line 7Line 7
 
PKI.
 
PKI.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
The frameworks mentioned below differ from vanilla
 
The frameworks mentioned below differ from vanilla
 
commercial Certificate Authorities insofar as they seek to provide
 
commercial Certificate Authorities insofar as they seek to provide
 
comprehensive support for transactions and for the implementation of
 
comprehensive support for transactions and for the implementation of
 
transaction systems, usually in the specific context of a jurisdiction or
 
transaction systems, usually in the specific context of a jurisdiction or
-
industry sector.
+
industry sector.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<strong>Identity Management and Authentication Policy Frameworks </strong>
 
<strong>Identity Management and Authentication Policy Frameworks </strong>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
-
The US Government's main framework for selecting authentication technologies to match transaction requirements is its <a rel="nofollow" href="http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf" target="_blank">Electronic Authentication Guideline: Recommendations of NIST, Version 1.0.2</a>
+
The US Government's main framework for selecting authentication technologies to match transaction requirements is its <a rel="nofollow" href="http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf" target="_blank">Electronic Authentication Guideline: Recommendations of NIST, Version 1.0.2</a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="http://piv.nist.gov/" target="_blank">The US Personal Identity Verification</a> (PIV) is more than a policy framework - it is a comprehensive new identity card system and
 
<a href="http://piv.nist.gov/" target="_blank">The US Personal Identity Verification</a> (PIV) is more than a policy framework - it is a comprehensive new identity card system and
 
suite of standards for federal government employees and contractors, driven by
 
suite of standards for federal government employees and contractors, driven by
-
Homeland Security Presidential Directive HSPD-12. The peak standard is <a href="http://csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-chng1.pdf" target="_blank">FIPS 201</a>. See also <a href="http://csrc.nist.gov/groups/SNS/piv/" target="_blank">About PIV</a> and <a href="http://csrc.nist.gov/drivers/documents/Presidential-Directive-Hspd-12.html" target="_blank">HSPD-12</a>.
+
Homeland Security Presidential Directive HSPD-12. The peak standard is <a href="http://csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-chng1.pdf" target="_blank">FIPS 201</a>. See also <a href="http://csrc.nist.gov/groups/SNS/piv/" target="_blank">About PIV</a> and <a href="http://csrc.nist.gov/drivers/documents/Presidential-Directive-Hspd-12.html" target="_blank">HSPD-12</a>.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
-
<a href="http://www.agimo.gov.au/infrastructure/authentication/agaf_b" target="_blank">Australian Government Authentication Framework (AGAF)</a>
+
<a href="http://www.agimo.gov.au/infrastructure/authentication/agaf_b" target="_blank">Australian Government Authentication Framework (AGAF)</a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
-
<a href="http://www.agimo.gov.au/infrastructure/authentication/agaf_i" target="_blank">Australian Government AUthentication Framework for Individuals (AGAF-I)</a>
+
<a href="http://www.agimo.gov.au/infrastructure/authentication/agaf_i" target="_blank">Australian Government AUthentication Framework for Individuals (AGAF-I)</a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
-
<a href="http://www.e.govt.nz/services/authentication">New Zealand Authentication Programme</a>
+
<a href="http://www.dia.govt.nz/diawebsite.nsf/wpg_URL/Resource-material-Publications-Identity-Assurance-Framework">New Zealand Authentication Programme</a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<strong>&quot;Live&quot; authentication services -- Government</strong>
 
<strong>&quot;Live&quot; authentication services -- Government</strong>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
-
<a href="http://www.cio.gov/fbca/" target="_blank"><span style="font-size: 10pt">US Federal Bridge CA</span></a>
+
<a href="http://www.cio.gov/fbca/" target="_blank"><span style="font-size: 10pt">US Federal Bridge CA</span></a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="http://www.sk.ee/pages.php/0203" target="_blank">Estonia </a>runs a comprehensive national PKI based around its smart identity card, and
 
<a href="http://www.sk.ee/pages.php/0203" target="_blank">Estonia </a>runs a comprehensive national PKI based around its smart identity card, and
 
supporting many worlds best practice G2C applications including document
 
supporting many worlds best practice G2C applications including document
-
lodgement and e-voting.
+
lodgement and e-voting.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="https://stage-pki.belgium.be/" target="_blank">Belgium</a>
 
<a href="https://stage-pki.belgium.be/" target="_blank">Belgium</a>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<strong>&quot;Live&quot; authentication services -- Private
 
<strong>&quot;Live&quot; authentication services -- Private
-
Sector</strong>
+
Sector</strong>
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="http://www.identrust.com/" target="_blank">Identrust </a>(formerly &quot;Identrus&quot;) is a PKI program and shared infrastructure
 
<a href="http://www.identrust.com/" target="_blank">Identrust </a>(formerly &quot;Identrus&quot;) is a PKI program and shared infrastructure
 
service for the global banking sector. The level of &quot;full service&quot;
 
service for the global banking sector. The level of &quot;full service&quot;
 
PKI offerings from Identrust is continuously evolving; they offer more than a
 
PKI offerings from Identrust is continuously evolving; they offer more than a
-
policy framework.
+
policy framework.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="http://www.paa.net/" target="_blank">Pan Asia Alliance</a> is a consortium of Certification Authorities operating according
 
<a href="http://www.paa.net/" target="_blank">Pan Asia Alliance</a> is a consortium of Certification Authorities operating according
 
to a common set of policies and procedures that specifically support online
 
to a common set of policies and procedures that specifically support online
-
documentation for cross border trade between member jurisdictions.
+
documentation for cross border trade between member jurisdictions.
 
</p>
 
</p>
-
<p class="MsoPlainText">
+
<p>
 
<a href="http://www.cablelabs.com/certqual/security/" target="_blank">CableLabs </a>is a peak body for the Cable TV industry, which
 
<a href="http://www.cablelabs.com/certqual/security/" target="_blank">CableLabs </a>is a peak body for the Cable TV industry, which
-
operates a PKI for embedded device certificates.
+
operates a PKI for embedded device certificates.
 
</p>
 
</p>
 
 
Revision of Mon, 04/15/2013 - 18:49:

Authentication frameworks

Several comprehensive authentication infrastructures have been established around the world, in both the government and private sector, of varying degrees of comprehensiveness. Some are policy frameworks which seek to provide guidance to e-business implementers, while other infrastructures provide live services to help with authentication. Most of the latter today use PKI.

The frameworks mentioned below differ from vanilla commercial Certificate Authorities insofar as they seek to provide comprehensive support for transactions and for the implementation of transaction systems, usually in the specific context of a jurisdiction or industry sector.

Identity Management and Authentication Policy Frameworks

The US Government's main framework for selecting authentication technologies to match transaction requirements is its Electronic Authentication Guideline: Recommendations of NIST, Version 1.0.2

The US Personal Identity Verification (PIV) is more than a policy framework - it is a comprehensive new identity card system and suite of standards for federal government employees and contractors, driven by Homeland Security Presidential Directive HSPD-12. The peak standard is FIPS 201. See also About PIV and HSPD-12.

Australian Government Authentication Framework (AGAF)

Australian Government AUthentication Framework for Individuals (AGAF-I)

New Zealand Authentication Programme

"Live" authentication services -- Government

US Federal Bridge CA

Estonia runs a comprehensive national PKI based around its smart identity card, and supporting many worlds best practice G2C applications including document lodgement and e-voting.

Belgium

"Live" authentication services -- Private Sector

Identrust (formerly "Identrus") is a PKI program and shared infrastructure service for the global banking sector. The level of "full service" PKI offerings from Identrust is continuously evolving; they offer more than a policy framework.

Pan Asia Alliance is a consortium of Certification Authorities operating according to a common set of policies and procedures that specifically support online documentation for cross border trade between member jurisdictions.

CableLabs is a peak body for the Cable TV industry, which operates a PKI for embedded device certificates.

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I