4 contractors unveil path to trusted digital ID credentials

A quartet of contractors is combining their IT know-how to work on an initiative designed to protect the nation's infrastructure and further secure digital identification credentials.

A quartet of contractors is combining their IT know-how to work on an initiative designed to protect the nation’s infrastructure and further secure digital identification credentials.

The newly developed Cross-Sector Digital Identity Initiative – led by Northrop Grumman Corp., Microsoft Corp., CA Technologies and CertiPath – was unveiled April 15 by Commerce Secretary Gary Locke as a "Proof of Concept" for the Obama administration's National Strategy for Trusted Identities in Cyberspace (NSTIC), which was announced simultaneously.

“Old user name and password combination is no longer good enough,” Locke said in announcing the strategy’s release.

The initiative identifies a set of guiding principles for accelerating the use of trusted digital identity credentials, according to a Northrop Grumman announcement.

The strategy aims to deploy a system that will help secure transactions on the Internet, improve the public's awareness and control of personal information, and stimulate growth of online commerce.

The initiative will prove their concept – a proposed "trusted architecture framework" – through various real-life case scenarios.

The first scenario will show how mobile devices enabled with cloud-based, trusted-identity credentials can be used to authenticate online transactions in a way that improves both security and privacy, the announcement said.

The Cross-Sector Digital Identity Initiative brings together private and public sector participants to demonstrate key NSTIC concepts and to identify barriers to adoption across technical, political, social and economic domains.

"Strengthening data security while preserving privacy remains a key challenge across all domains," said Alan Leckenby, vice president of business and identity solutions at Northrop Grumman Information Systems, in the announcement.

"To help protect privacy, NSTIC calls for sharing only the amount of data necessary for a transaction and for users to have better control over the flow of their personal information. The proof of concept will demonstrate ways that privacy and security can successfully co-exist," he explained.

"Creating this ecosystem will provide citizens with a variety of choices for authenticating their identity online while helping to protect their security and privacy. Realizing this vision brings us closer towards a safer, more trusted Internet," added Scott Charney, corporate vice president at Microsoft.

A NSTIC program office is being established at the National Institute of Standards and Technology. It plans to hold three workshops with the public and industry stakeholders by the end of September on governance, technology and privacy standards to create a consensus on moving forward. Dates have not yet been set, but the initial workshop, on governance, is expected in June.

Funding for the NSTIC program office, which would fund pilot programs, has been included in the Commerce Department’s budget proposal for fiscal 2012.

Northrop Grumman, of Los Angeles, ranks No. 2 on Washington Technology’s 2010 Top 100 list of the largest federal government contractors.