Liberty Alliance releases privacy best practices

An industry standards body has released guidelines on how to ensure that online credentialing systems meet privacy laws.

Agencies can use the Liberty Alliance Project's guide when developing authentication systems, said Christine Varney, a consultant for the San Francisco alliance whose members' focus is identity management standards.

The best practices released today accompany the release of the alliance's second set of specifications for federated identity management.

The Privacy and Security Best Practices includes a high-level summary of how to implement federated identity management systems so that they meet U.S. and European government privacy laws, such as the Child Online Protection Act, Health Insurance Portability and Accountability Act, and European Union Privacy Directive. It also offers guidelines on securing identity management systems.

The federated identity management specifications lay the groundwork for setting up Web-based services for authentication. With the specs, vendors and end-user organizations can start building applications that work together across systems. The initial round of Web services specifications includes templates for setting up registration systems and building employee profiles.

The federated approach to authentication is based on organizations setting up their own authentication systems that use a standard set of specifications for exchanging credentials across systems.

The Liberty Alliance specifications are well-suited to government use, Varney said, especially given the Office of Management and Budget's and General Services Administration's recent decision to scrap plans for a centralized federal authentication gateway.

The Liberty Alliance Project has more than 160 participating organizations, including GSA, the Defense Department and companies such as PeopleSoft Inc. of Pleasanton, Calif., Schlumberger Ltd. of New York, Sun Microsystems Inc. and VeriSign Inc. of Mountain View, Calif.

Joab Jackson writes for Government Computer News magazine.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • VIDEO: Explore the 2019 M&A Trends

    Editor Nick Wakeman interviews Kevin DeSanto of the investment bank KippsDeSanto about the highlights of their annual M&A survey and trends driving acquisitions in the federal space. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman and senior staff writer Ross Wilkers discuss the major news events so far in 2019 and what major trends are on the horizon. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.