1 about the better identity
play

1 About the Better Identity Coalition Focus: developing and - PowerPoint PPT Presentation

Dec 13, 2022 •196 likes •855 views

1 About the Better Identity Coalition Focus: developing and advancing consensus-driven, cross-sector policy solutions that promote the development and adoption of better solutions for identity verification and authentication. Launched in

  1. 1

  2. About the Better Identity Coalition • Focus: developing and advancing consensus-driven, cross-sector policy solutions that promote the development and adoption of better solutions for identity verification and authentication. • Launched in February 2018 as an initiative of the Center for Cybersecurity Policy & Law, a non-profit dedicated to promoting education and collaboration with policymakers on policies related to cybersecurity. • As government contemplates new policies to improve the quality of digital identity, the Better Identity Coalition is bringing together leading companies to help develop innovative ideas that improve security, privacy, and convenience for all Americans. 2

  3. Agenda Time Agenda Speakers 9:30 AM Welcome and introduction Jeremy Grant, Coordinator, Better Identity Coalition 9:35 AM Congressional Keynote Rep. Michael McCaul – Chairman, House Committee on Homeland Security and Co-Chair, Congressional Cybersecurity Caucus 9:50 AM Administration Keynote Grant Schneider – Senior Director for Cybersecurity, White House National Security Council (NSC) & Acting Chief Information Security Officer (CISO), U.S. Government 10:10 AM Industry Keynote Debbie Guild, Chief Security Officer, PNC 10:30 AM Overview: A Policy Blueprint for Better Identity in Jeremy Grant, Coordinator, Better Identity Coalition America 11:15 AM Remarks from the National Cyber Security Alliance Russ Schrader, Executive Director, NCSA (NCSA)  11:30 AM Panel: "Better Identity in the Post- Breach World” Donna Beatty – Global Product Management, JPMorgan Chase   Perspectives from industry and consumer Abbie Barbir – Senior Security Advisor, Aetna  groups on “the identity challenge” and how Charlie Walton – Senior Vice President, Mastercard  better identity solutions are needed Jim Barnett - AARP 12:15 PM Closing Keynote Rep. Jim Langevin - Co-Chair, Congressional Cybersecurity Caucus 12:30 PM Wrap-up - Lunch and informal discussion Informal lunchtime discussion between attendants and Better Identity Coalition members 1:00 PM Event concludes 3

  4. About the Better Identity Coalition • Focus: developing and advancing consensus-driven, cross-sector policy solutions that promote the development and adoption of better solutions for identity verification and authentication. • Launched in February 2018 as an initiative of the Center for Cybersecurity Policy & Law, a non-profit dedicated to promoting education and collaboration with policymakers on policies related to cybersecurity. • As government contemplates new policies to improve the quality of digital identity, the Better Identity Coalition is bringing together leading companies to help develop innovative ideas that improve security, privacy, and convenience for all Americans. 4

  5. Members 5

  6. Framing the Challenge Security Compliance Privacy Transaction Costs Customer Trust Experience 6

  7. Trust is hard to get right.

  8. Identity (when done right) enables Trust

  9. Identity as “the great enabler”

  10. Identity as the Great Enabler Providing a foundation for digital transactions and online experiences that are: • Secure • Easy to Use • Protect Privacy 10

  11. The challenge “Digital identity presents a technical challenge because this process often involves proofing individuals over an open network, and always involves the authentication of individual subjects over an open network ...” “The processes and technologies to establish and use digital identities offer multiple opportunities for impersonation and other attacks.” - National Institute of Standards and Technology (NIST) 11

  12. Our approach (to date) 12

  13. Which has proven to be very practical 13

  14. Especially when adversaries already know the answer 14

  15. This has not worked well Nobody can actually manage this for one password – let alone 20-30 Any password that meets this criteria is still susceptible to phishing, malware and password reuse Makes your employees and customers hate you 15

  16. The cost of outdated identity solutions 16

  17. The cost of outdated identity solutions 17

  18. Why has this been so hard to solve? • The “identity gap” – the U.S. has many nationally recognized, authoritative identity systems • All are trapped in the paper world 18

  19. This was an attempt to get around the “identity gap” Industry needed something to enable trusted digital commerce – this was the best solution out there 19

  20. It worked for a while • But today, attackers have caught up • “ Out of wallet” questions are not as secret as they used to be 20

  21. While any one of these breaches on its own creates serious policy issues, there now exists the potential for malicious actors to combine multiple stolen data sets into one, thereby enabling them to obtain more complete “packages” of identity information. -House Energy & Commerce Committee, 2017 21

  22. SSNs are no longer “secrets” 22

  23. Summary: Where we are today • In an era where transactions are increasingly digital, our authoritative identity systems are stuck in the paper world • Solutions that “papered over” that fact helped for a while – but now attackers have caught up • “Shared secrets” like SSNs and passwords are no longer secret • Industry innovation is helping to develop better, next-generation identity solutions such as passwordless authentication and identity proofing tools that scan and validate ID documents • But – government remains the one authoritative issuer of identity. In this next phase of making identity “Better,” the government also has a role to play 23

  24. What does “Better” look like? • Better Security – with Less Fraud and Identity Theft – Embracing the recommendation of the 2016 Commission on Enhancing National Cybersecurity that “Compromises of identity will be eliminated as a major attack vector by 2021.” • Better Convenience for Consumers – Allowing consumers to open new accounts online with ease, without having to go through duplicative, burdensome enrollment processes. • Better Confidence for Both Consumers and Service Providers – That identities asserted online are reliable and trustworthy. • Better Privacy – Shifting the predominant model for identity verification from one based on firms aggregating personal data without opt-in consent, to one where consumers proactively request that their identity be validated by parties with whom they already have a trusted relationship 24

  25. How to Get There: A Policy Blueprint • Five core areas where government can and should help • A specific action plan detailing “who needs to do what” in Congress and the Executive Branch • No single action or initiative can “solve” identity • But: taken as a package, if this Policy Blueprint is enacted and funded, it will make identity better 25

  26. A caveat • There are some identity problems that we honestly don’t know how to solve • Some of them tie into issues that are highly political, and where consensus is not likely any time soon • We acknowledge them – but we don’t have answers for everything • Our focus here: a set of actionable items that – while they won’t solve every problem in identity, will definitively make digital identity better. 26

  27. A Policy Blueprint 27

  28. In simple terms: If I’ve gone through the process of having an agency vet my identity once – can I ask that agency to vouch for me when I need to prove who I am to another party? America’s legacy paper -based systems should be modernized around a privacy-protecting, consumer-centric model that allows consumers to ask the government agency that issued a credential to stand behind it in the online world – by validating the information from the credential. 28

  29. How this could work 1. Agencies validate attributes I request the government helps me prove I’m me Match! Match! ??? 29

  30. Of note… • Sec. 215 of the “Economic Growth, Regulatory Relief, and Consumer Protection Act” directs SSA to establish this service for transactions covered under the Fair Credit Reporting Act (FCRA) • One idea: expand beyond FCRA 30

  31. How this could work 2. Apps enable consumers to easily prove their identity I request the government helps me prove I’m me ??? Match! 31

  32. 32

  33. Improving Identity While Protecting Privacy • Inadequate identity solutions have impacted the privacy of millions of Americans – through an epidemic of breaches. Better Identity is key to improving privacy protections. • New identity solutions backed by the government should embrace a “Privacy by Design” approach ensures that any new solutions are architected from the start to address privacy risks; protections are embedded in the solution architecture • Government should only validate data should when consumers request it, and only for the purpose specified. • Consumers should be able to choose to share or validate only certain attributes about themselves without reveaing all their identifying data. • To ensure that new systems are secure and privacy-preserving, NIST should be funded to lead development of a framework of standards and operating rules that will apply to any new government attribute validation services. 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase Automation and Security. Identity Management (IAM, IdM) defining and managing the roles and access privileges of individual network users, and the

2.89k views • 13 slides
IDENTITY What is the Relationship Between Identity and the College Experience? What Role

IDENTITY What is the Relationship Between Identity and the College Experience? What Role

2/15/2019 Jordan Truex Agenda or Summary Layout The Road to SelfAuthorship NonTraditional Students Effective Interview Strategies Meeting the Student Where They Are IDENTITY What is the Relationship Between Identity and the

367 views • 10 slides
What is Identity Theft? "Someone obtaining your personal identifying information without

What is Identity Theft? "Someone obtaining your personal identifying information without

Identity Fraud: Protecting Your Identity Between Work and Play Ryan Sothan, Outreach Coordinator Nebraska Department of Justice, Office of the Attorney General Consumer Protection and Anti-Trust Division What is Identity Theft?

314 views • 18 slides
my Identity TM 2 my Identity Learning objectives In this overview, you will learn about:

my Identity TM 2 my Identity Learning objectives In this overview, you will learn about:

my Identity TM 2 my Identity Learning objectives In this overview, you will learn about: The four components of my Identity TM How the product can benefit customers in real-world scenarios The benefits of the product for brokers 3

530 views • 19 slides
Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24

Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24

People stronger together Nicola Huckerby Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24 April 2015 Co-operative identity Visual identity Online identity www.domains.coop @domainsdotcoop

944 views • 58 slides
Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Contents Background Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based Signature Conclusion Manik Lal Das DA-IICT, Gandhinagar, India About DA-IICT and Our Group DA-IICT is a private university,

563 views • 35 slides
The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by

The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by

The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by Maryann Hondo, Mary Ellen Zurko, Matthew Flaherty, Paula K. Austel, Sridhar Muppidi Net - net of the paper Our customers expect us to give them the

558 views • 9 slides
So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were

So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were

So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were medical-related, according to a study released last month by Identity Theft Resource Center (ITRC). 1 in 3 people report a problem after their identity is

827 views • 26 slides
Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of

Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of

Identity Theft By: Brian Paulsen How common is identity theft? According to the US Department of Justice, 10% of people over the age of 16 reported being victims of identity theft in 2016 (Harrell). Who is most susceptible? Multiple reports

233 views • 21 slides
Internet Identity Initiatives Internet Identity Initiatives RL Bob Morgan University of

Internet Identity Initiatives Internet Identity Initiatives RL Bob Morgan University of

Internet Identity Initiatives Internet Identity Initiatives RL Bob Morgan University of Washington and Internet2 EMC2 Mlaga, S pain October 2006 Topics Topics Internet identity buzzwords/ proj ects: user-centric, sxip, dix,

395 views • 18 slides
ID ID32b An innovative approach to identity Mike McWilliams August 2020 What is identity?

ID ID32b An innovative approach to identity Mike McWilliams August 2020 What is identity?

ID ID32b An innovative approach to identity Mike McWilliams August 2020 What is identity? In the past your name was a unique identity. - In your village there was only one smith (metal worker) called John. - For reference outside the

511 views • 13 slides
Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6 million 63% Identity fraud is a serious issue. people experienced of confirmed data Fraudsters have identity theft in 2014 breaches involved stolen

605 views • 29 slides
Identity Management Scaling Out and Up Jan Pazdziora Principal Software Engineer Identity

Identity Management Scaling Out and Up Jan Pazdziora Principal Software Engineer Identity

Identity Management Scaling Out and Up Jan Pazdziora Principal Software Engineer Identity Management Engineering, Red Hat jpazdziora@redhat.com 15 th October 2014 Identity Users; user groups. Hosts; host groups; services. Identities

700 views • 18 slides
Response Identity in Session Initiation Protocol draft-cao-sip-response-identity-00 Feng Cao

Response Identity in Session Initiation Protocol draft-cao-sip-response-identity-00 Feng Cao

Response Identity in Session Initiation Protocol draft-cao-sip-response-identity-00 Feng Cao Cullen Jennings 1 Agenda Introduction Scope Requirements SIP Response Identity Overview Open Issues Summary 2

205 views • 9 slides
Teachers professional identity; Professional development and learning & teacher identity

Teachers professional identity; Professional development and learning & teacher identity

Teachers professional identity; Professional development and learning & teacher identity Bart Cris risp Th The Ce Centre for r th the Use se of f Rese search and Evi vidence in in Educatio ion Pres esen entati tion at t th

308 views • 17 slides
Managing a software project the dos and donts SI2 PI Meeting January 18, 2012 Von Welch

Managing a software project the dos and donts SI2 PI Meeting January 18, 2012 Von Welch

Managing a software project the dos and donts SI2 PI Meeting January 18, 2012 Von Welch Director and PI CTSC trustedci.org 1 Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Jim Basney, Randal Butler, Scott Koranda, Jim

264 views • 9 slides
How iR iRODS Manages Data for a Hydrology Community of 1000's 's of Users Ray Idaszak, David G.

How iR iRODS Manages Data for a Hydrology Community of 1000's 's of Users Ray Idaszak, David G.

HydroShare and iR iRODS: : How iR iRODS Manages Data for a Hydrology Community of 1000's 's of Users Ray Idaszak, David G. Tarboton (PI), Hong Yi, Chris Calloway, Shaowen Wang, Jeffery Horsburgh, Dan Ames, Martyn Clark, Jon Goodall, Alva

373 views • 15 slides
Security Contacts in SAML Metadata Jim Basney jbasney@ncsa.illinois.edu Topics About

Security Contacts in SAML Metadata Jim Basney jbasney@ncsa.illinois.edu Topics About

Security Contacts in SAML Metadata Jim Basney jbasney@ncsa.illinois.edu Topics About InCommon Federated security incident response Security contacts in metadata Metadata integrity Examples and statistics Open questions

463 views • 12 slides
1 2 3 Provide background on CA student demographics Briefly describe the CAASPP and ELPAC testing

1 2 3 Provide background on CA student demographics Briefly describe the CAASPP and ELPAC testing

1 2 3 Provide background on CA student demographics Briefly describe the CAASPP and ELPAC testing programs, purposes of each, how many students are tested, etc. Describe the state perspective on communicating results to parents, using the

530 views • 27 slides
CCIN2P3 connectivity NCSA / LSST meeting jerome.bernier@in2p3.fr May 2015 CCIN2P3 connectivity

CCIN2P3 connectivity NCSA / LSST meeting jerome.bernier@in2p3.fr May 2015 CCIN2P3 connectivity

CCIN2P3 connectivity NCSA / LSST meeting jerome.bernier@in2p3.fr May 2015 CCIN2P3 connectivity n Generic IP RENATER GEANT n LHC project LHCOPN LHCONE n CCIN2P3 LAN n LSST needs CCIN2P3 May 2015 IN2P3 network SC

158 views • 15 slides
Road Map 1. Introduction Introduction 1. 2. The Physical Problem The Physical Problem 2. 3.

Road Map 1. Introduction Introduction 1. 2. The Physical Problem The Physical Problem 2. 3.

CBPF S ANTA F E I NSTITUTE Brazilian Center for Research in Physics NExtComp Molecular Dynamics Application for Long-Range Interacting Systems on a Computational Grid Environment Marcelo Portes de Albuquerque Marcelo Portes de Albuquerque

254 views • 12 slides
Introduc)on to GPU Programming Mubashir Adnan Qureshi

Introduc)on to GPU Programming Mubashir Adnan Qureshi

Introduc)on to GPU Programming Mubashir Adnan Qureshi h3p://www.ncsa.illinois.edu/People/kindr/projects/hpca/files/singapore_p1.pdf h3p://developer.download.nvidia.com/CUDA/training/NVIDIA_GPU_Compu)ng_Webinars_CUDA_Memory_Op)miza)on.pdf Tutorial

597 views • 27 slides
Damaris: Using Dedicated I/O Cores for Scalable Post-petascale HPC Simulations Matthieu Dorier

Damaris: Using Dedicated I/O Cores for Scalable Post-petascale HPC Simulations Matthieu Dorier

Damaris: Using Dedicated I/O Cores for Scalable Post-petascale HPC Simulations Matthieu Dorier ENS Cachan Brittany extension matthieu.dorier@eleves.bretagne.ens-cachan.fr Advised by Gabriel Antoniu SRC Context: HPC simulations on Blue Waters

539 views • 12 slides

More recommend