Liberty Alliance releases privacy best practices

An industry standards body has released guidelines on how to ensure that online credentialing systems meet privacy laws.

Agencies can use the Liberty Alliance Project's guide when developing authentication systems, said Christine Varney, a consultant for the San Francisco alliance whose members' focus is identity management standards.

The best practices released today accompany the release of the alliance's second set of specifications for federated identity management.

The Privacy and Security Best Practices includes a high-level summary of how to implement federated identity management systems so that they meet U.S. and European government privacy laws, such as the Child Online Protection Act, Health Insurance Portability and Accountability Act, and European Union Privacy Directive. It also offers guidelines on securing identity management systems.

The federated identity management specifications lay the groundwork for setting up Web-based services for authentication. With the specs, vendors and end-user organizations can start building applications that work together across systems. The initial round of Web services specifications includes templates for setting up registration systems and building employee profiles.

The federated approach to authentication is based on organizations setting up their own authentication systems that use a standard set of specifications for exchanging credentials across systems.

The Liberty Alliance specifications are well-suited to government use, Varney said, especially given the Office of Management and Budget's and General Services Administration's recent decision to scrap plans for a centralized federal authentication gateway.

The Liberty Alliance Project has more than 160 participating organizations, including GSA, the Defense Department and companies such as PeopleSoft Inc. of Pleasanton, Calif., Schlumberger Ltd. of New York, Sun Microsystems Inc. and VeriSign Inc. of Mountain View, Calif.

Joab Jackson writes for Government Computer News magazine.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.