Identity Assurance

General questions related to the Identity Assurance work, including the merge of EAP into Liberty Alliance, Liberty Identity Assurance Framework, and discussion of other key issues related to this important Expert Group.

The Electronic Authentication Partnership (EAP) and Liberty Alliance have always shared a number of similar goals. Both organizations have recognized that the industry needs a common trust framework to allow interoperable inter-federations to advance more easily and on the widest possible scale. Established in 2002 and recently approved as a non-profit membership organization, the EAP realized that a merger into Liberty Alliance would allow it to extend its work in developing the EAP Trust Framework by leveraging the participation of Liberty’s global membership, the work of its expert and special interest groups and its proven model of addressing the technology, business and privacy aspects of identity management. The merger of EAP into Liberty Alliance provides both organizations with a mutually beneficial relationship for quickly developing the Liberty Trust Framework.

The Liberty Identity Assurance Framework is an organizational framework designed to fill cross-industry requirements for standardized identity assurance criteria for use in a broad range of federation scenarios. The Framework provides organizations in every sector and region with criteria for moving identity federations forward based on a standard approach to managing identity assurance levels and associated business processes and technologies. Work on developing the Framework is happening within Liberty’s new global Identity Assurance Expert Group (IAEG) where members are developing the Liberty Identity Assurance Framework by initially extending contributions from the Trust Framework of the EAP and the Credential Assessment Framework of the US E-Authentication Federation. The current version of the specification as well as the ReadMe First doc are located here.

The Trust Framework of the EAP collectively defines the industry-led self-regulatory framework for electronic trust services in the United States, as operated by the EAP. The trust framework includes, among other documents, descriptions of criteria, rules, procedures and processes to help organizations manage identity assurances across federated and inter-federated relationships. The information found in the Trust Framework of the EAP is providing the foundation for developing the Liberty Trust Framework within the IAEG.

The Credential Assessment Framework puts forth the assessment criteria by which credential service providers will be certified to the EAP Trust Framework. The IAEG will incorporate some of the criteria established in the Credential Assessment Framework into the Liberty Trust Framework.

The IAEG is developing the Liberty Identity Assurance Framework to remove a major barrier to global inter-federation deployments: the complexity of assessing the level of identity assurance among all organizations participating in federated relationships. Currently, different federations have varying policies and processes governing identity operations, the interpretation of which adds to the cost and complexity of deploying assured identity services. With common criteria for determining accurate identities in place, the Liberty Identity Assurance Framework will make it easier to bring new members into existing federations as well as simplify how federations themselves can interoperate. The current version and ReadMe First document is available here.

IAEG was formed by the merge of the EAP into Liberty Alliance and is currently focused on the development of the Liberty Identity Assurance Framework. IAEG is Liberty’s fourth global expert group, joining the Business Marketing Expert Group (BMEG), Technology Expert Group (TEG), and Public Policy Expert Group (PPEG). The group consists of members representing the worldwide financial services, government, healthcare and service provider sectors and is working with all of Liberty’s expert and special interest groups (SIGs), such as the eGovernment, eHealth, Identity Theft Prevention, Japan and Norway SIGs, to collaboratively drive the development of the Liberty Identity Assurance Framework.

Liberty Alliance has made memberships available to all EAP members and since forming the IAEG last month, and many members of the EAP have joined the Alliance. These new members include representatives from Health Information and Management Systems Society (HIMSS), Mortgage Bankers Association (MBA), the Postsecondary Electronic Standards Council (PESC), the Reserve Bank of Cleveland, University Bancorp and Wells Fargo. Several other EAP members were already members of the Liberty Alliance.

All individuals and organizations interested in advancing identity assurances across industries and regions are encouraged to join Liberty’s IAEG to participate in the development of the Liberty Trust Framework. Liberty Alliance has made changes to its membership structure and added new member benefits in order to make it easier for everyone to access the resources of the Alliance and participate in its global expert and special interest groups. Individuals and organizations interested in joining the IAEG can get more information by visiting here. More information about how to join many of Liberty’s public groups and mail lists is also available.

The Liberty Identity Assurance Framework will be applicable to all identity initiatives and specifications. The Framework provides a standard set of criteria so that identity transactions -- with assurance requirements ranging from leaving a comment on a blog to high-value government and financial transactions requiring the highest degree of security and privacy protection -- can move ahead based on a standard organizational framework for managing identity assurance levels and associated business processes and technologies. The Framework establishes baseline operating and assessment criteria, including rules and processes, designed to provide a guideline toward interoperability for all identity protocols.

All organizations relying on identity credentials as a means of supporting business processes will be interested in the Liberty Identity Assurance Framework. More specifically, direct consumers of the Framework will include identity service providers, federations, trust schemes, government agencies and private sector corporations. The Identity Assurance Framework will provide organizations with opportunity to extend the functionality of existing identity management solutions and move to achieve interoperability of identity credentials across inter-federated relationships.

An inter-federation refers to the concept of two or more federations “federating” with each other for the purpose of interoperability and increasing acceptance of identity credentials issued and presented in accordance with the respective rule sets of all organizations involved in the inter-federation. The Liberty Trust Framework is being defined in a way that scales, empowers business processes and benefits individual users of identity services among inter federations that could potentially support billions of simultaneous transactions across devices, industries and regions.