4 contractors unveil path to trusted digital ID credentials

Initiative coincides with new White House trusted identities strategy

A quartet of contractors is combining their IT know-how to work on an initiative designed to protect the nation’s infrastructure and further secure digital identification credentials.

The newly developed Cross-Sector Digital Identity Initiative – led by Northrop Grumman Corp., Microsoft Corp., CA Technologies and CertiPath – was unveiled April 15 by Commerce Secretary Gary Locke as a "Proof of Concept" for the Obama administration's National Strategy for Trusted Identities in Cyberspace (NSTIC), which was announced simultaneously.

“Old user name and password combination is no longer good enough,” Locke said in announcing the strategy’s release.

The initiative identifies a set of guiding principles for accelerating the use of trusted digital identity credentials, according to a Northrop Grumman announcement.

The strategy aims to deploy a system that will help secure transactions on the Internet, improve the public's awareness and control of personal information, and stimulate growth of online commerce.

The initiative will prove their concept – a proposed "trusted architecture framework" – through various real-life case scenarios.

The first scenario will show how mobile devices enabled with cloud-based, trusted-identity credentials can be used to authenticate online transactions in a way that improves both security and privacy, the announcement said.

The Cross-Sector Digital Identity Initiative brings together private and public sector participants to demonstrate key NSTIC concepts and to identify barriers to adoption across technical, political, social and economic domains.

"Strengthening data security while preserving privacy remains a key challenge across all domains," said Alan Leckenby, vice president of business and identity solutions at Northrop Grumman Information Systems, in the announcement.

"To help protect privacy, NSTIC calls for sharing only the amount of data necessary for a transaction and for users to have better control over the flow of their personal information. The proof of concept will demonstrate ways that privacy and security can successfully co-exist," he explained.

"Creating this ecosystem will provide citizens with a variety of choices for authenticating their identity online while helping to protect their security and privacy. Realizing this vision brings us closer towards a safer, more trusted Internet," added Scott Charney, corporate vice president at Microsoft.

A NSTIC program office is being established at the National Institute of Standards and Technology. It plans to hold three workshops with the public and industry stakeholders by the end of September on governance, technology and privacy standards to create a consensus on moving forward. Dates have not yet been set, but the initial workshop, on governance, is expected in June.

Funding for the NSTIC program office, which would fund pilot programs, has been included in the Commerce Department’s budget proposal for fiscal 2012.

Northrop Grumman, of Los Angeles, ranks No. 2 on Washington Technology’s 2010 Top 100 list of the largest federal government contractors.

About the Authors

David Hubler is the former print managing editor for GCN and senior editor for Washington Technology. He is freelance writer living in Annandale, Va.

William Jackson is a Maryland-based freelance writer.

Reader Comments

Mon, Apr 18, 2011 trubarb

It is worth noting that the private sector is already implementing verified credentials to build "trusted" communities to facilitate commerce and to establish credibility in professional networks. At http://cms.hour.ly/? DOT p=823 prospective workers choose to verify their identities and even share the results of their criminal background checks to speed the hiring process. At https://www.mavenresearch.com/f DOT aq#identity-verification community members choose to share their credentials to facilitate client companies looking to survey verified professionals with specific industry expertise. And at http://www.naymz.com/a DOT bout.action?section=compare community members volutarily verify their credentials to help build their credibility. Verified credentials are also being used to protect young students in http://www.icouldbe.org/standard/public/l DOT m_protecting_students_online.asponline mentoring site, and to limit fraud at http://upperbid.com/cgi-bin/auction/a DOT uction.cgi?action=GetPage&Name=trufinaLaunch&Lang=English auction site. Mentors share their verified identity information, including clear criminal background checks, and sellers are verified, respectively. In both cases, the anonymity of the individual is protected while the trusted community is assured. While the NSTIC community works out preferred standards for single-sign-on and establishes governence guidelines, individuals and responsible web properties should not hesitate to implement viable solutions today. Individuals' identities can be shared while their privacy is protected through the use of verified credentials that can be used over and over again at the users discretion. http://www.trufina.com/blog/? DOT p=360 is one company dedicated to providing those services from a completely user-centric perspective.

Mon, Apr 18, 2011

Here comes... 5. Centralization of credit in the banks of the state, by means of a national bank with state capital and an exclusive monopoly.

6. Centralization of the means of communication and transport in the hands of the state.

Fri, Apr 15, 2011

I wonder if Mr. Locke has considered the other contractors who's skills in identity management far exceed this group's. There's this thing called the Federal Acquisition Regulation, you know ...competition? While I understand this is a "proof of concept," I wonder who else was asked to propose a solution. Can you please write an article about that? Thanks.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.


WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.