Posts Tagged ‘Trusted ID-entities’
Envision It! Trusted ID-entity Citizens and UnTrusted Non-ID-Registery Citizens
Envision It! Those that can blog anonymously and those that cannot, those that can bank, sell, gamble, shop and those that cannot.
Envision It! You must Register to do things that you can already do now.
Obama Unleashes N-STIC for Trusted e-Citizen Registry
National Strategy for Trusted Identities in Cyberspace (NSTIC)
Obama is planning to Grant the U.S. Commerce Department Authority over cybersecurity efforts to create an Internet ID for Americans Official Presidential Branch Press Release Info
Posted by Howard A. Schmidt on June 25, 2010 at 02:00 PM EST
Cyberspace has become an indispensible component of everyday life for all Americans. We have all witnessed how the application and use of this technology has increased exponentially over the years. Cyberspace includes the networks in our homes, businesses, schools, and our Nation’s critical infrastructure. It is where we exchange information, buy and sell products and services, and enable many other types of transactions across a wide range of sectors. But not all components of this technology have kept up with the pace of growth. Privacy and security require greater emphasis moving forward; and because of this, the technology that has brought many benefits to our society and has empowered us to do so much — has also empowered those who are driven to cause harm.
Today, I am pleased to announce the latest step in moving our Nation forward in securing our cyberspace with the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC). This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates. What has emerged is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities.
The NSTIC, which is in response to one of the near term action items in the President’s Cyberspace Policy Review, calls for the creation of an online environment, or an Identity Ecosystem as we refer to it in the strategy, where individuals and organizations can complete online transactions with confidence, trusting the identities of each other and the identities of the infrastructure that the transaction runs on. For example, no longer should individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to login into various online services. Through the strategy we seek to enable a future where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) from a variety of service providers – both public and private – to authenticate themselves online for different types of transactions (e.g., online banking, accessing electronic health records, sending email, etc.). Another key concept in the strategy is that the Identity Ecosystem is user-centric – that means you, as a user, will be able to have more control of the private information you use to authenticate yourself on-line, and generally will not have to reveal more than is necessary to do so.
The Department of Homeland Security (DHS), a key partner in the development of the strategy, has posted the draft NSTIC at www.nstic.ideascale.com. Over the next three weeks (through July 19th), DHS will be collecting comments from any interested members of the general public on the strategy. I encourage you to go to this website, submit an idea for the strategy, comment on someone else’s idea, or vote on an idea. Your input is valuable to the ultimate success of this document. The NSTIC will be finalized later this fall.
Thank you for your input!
Howard A. Schmidt is the Cybersecurity Coordinator and Special Assistant to the President
The Strategy’s vision is:
Individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.
More specifically, the Strategy defines and promotes an Identity Ecosystem that supports trusted online environments. The Identity Ecosystem is an online environment where individuals, organizations, services, and devices can trust each other because authoritative sources establish and authenticate their digital identities. The Identity Ecosystem enables:
Security by making it more difficult for adversaries to compromise online transactions
Efficiency based on convenience for individuals who may choose to manage fewer passwords or accounts than they do today, and for the private sector, which stands to benefit from a reduction in paper-based and account management processes
Ease-of-use by automating identity solutions whenever possible and basing them on technology that is easy to operate with minimal training
Confidence that digital identities are adequately protected, thereby increasing the use of the Internet for various types of online transactions
Increased privacy for individuals, who rely on their data being handled responsibly and who are routinely informed about those who are collecting their data and the purposes for which it is being used
Greater choice, as identity credentials and devices are offered by providers using interoperable platforms
Innovation Opportunities as service providers develop or expand the services offered online, particularly those services that are inherently higher in risk
With the vision of the Identity Ecosystem in mind, the National Strategy for Trusted Identities in Cyberspace (NSTIC) identifies the following goals:
Goal 1: Develop a comprehensive Identity Ecosystem Framework
Goal 2: Build and implement an interoperable identity infrastructure aligned with the
Identity Ecosystem Framework
Goal 3: Enhance confidence and willingness to participate in the Identity Ecosystem
Goal 4: Ensure the long-term success of the Identity Ecosystem
Nine high-priority actions align to these goals and the vision. These actions provide the foundation for the Identity Ecosystem implementation. The actions are:
Action 1: Designate a Federal Agency to Lead the Public/Private Sector Efforts Associated with Achieving the Goals of the Strategy
Action 2: Develop a Shared, Comprehensive Public/Private Sector Implementation Plan
Action 3: Accelerate the Expansion of Federal Services, Pilots, and Policies that Align with the Identity Ecosystem
Action 4: Work Among the Public/Private Sectors to Implement Enhanced Privacy
Action 5: Coordinate the Development and Refinement of Risk Models and Interoperability Standards
Action 6: Address the Liability Concerns of Service Providers and Individuals
Action 7: Perform Outreach and Awareness Across all Stakeholders
Action 8: Continue Collaborating in International Efforts
Action 9: Identify Other Means to Drive Adoption of the Identity Ecosystem across the
(Under ‘Envision it’ these are actions that can and are already done. It certainly makes tax collection Smart-Phone Easy.)
An individual voluntarily requests a smart identity card from her home state. The individual chooses to use the card to authenticate herself for a variety of online services, including:
- · Credit card purchases,
- · Online banking,
- · Accessing electronic health care records,
- · Securely accessing her personal laptop computer,
- · Anonymously posting blog entries, and
- · Logging onto Internet email services using a pseudonym.
A power utility remotely manages Smart Grid software deployed on an electricity meter. Trusted hardware modules and secure authentication between the power company and the meter prevent deploying fraudulent meters as a way to steal electricity; ensure that the hardware and software configurations are correct; and restrict meter software to only run on authorized meters.
Likewise, the meter trusts that instructions and periodic software upgrades come from the power company.
These trusted interactions reduce the threat of fraudulent activity and deployment of malware within the Smart Grid.
An online auction website sets a policy that it will accept trustmark-approved credentials. The auction incentivizes private sector organizations and individuals to participate by offering a one-time discount on the service charge associated with an auction purchase and by accommodating a large variety of credentials and identity media.
An individual authenticates himself to an online pharmacy using a credential bound to his personal computer. The individual makes an online request for the pharmacy to fill his prescription. Through privacy-enhancing technology, the individual’s attribute provider provides authoritative proof that he is over 18 and that his prescription is valid. The technology ensures that no unnecessary information is exchanged in this transaction (e.g., his birth date, reason for the prescription). The technology also filters information so that the attribute providers –the authoritative sources of the age and prescription information – do not know which pharmacy the individual is using.
An individual uses a strong credential issued by a third party and bound to his existing cell phone to access government tax services online. He views tax history, changes demographic information, monitors refund status, and files his taxes electronically. Both the online service provider and the individual are able to leverage existing infrastructure (e.g., cell phone and online services) in support of the transaction
An individual learns of a new and more secure way to access online services using a strong credential provided by a trustworthy service provider. He learns that his cell phone carrier, bank, and local governments will all be offering credentials that will work with his personal computer. Upon further research, he also discovers that his email provider, social networking site, health care provider, and local utility companies accept the strong credential. He reflects upon his choices and selects the credential provider that provides him with the most personal convenience.
An energy company partners with a new and innovative identity provider to extend its energy management services. Both companies are trustmark-approved. Using a smart card issued by the identity provider (and also used to access other online services at the discretion of the individual), an individual accesses the energy company’s website to view the status of his home’s energy consumption. The website allows individuals to view the energy intake of high-consuming devices such as refrigerators, microwaves, and stoves. The individual notices that the power attributed to a particular device is higher than normal, indicating that the device may need to be fixed or replaced.
A large national emergency erupts on the coastline and a call for support results in a flood of first responders at the emergency site. A federal agency is able to share information with and provide direction to state and local officials, utility providers, and emergency first responders from all over the country about the local event. Each participant in the information exchange uses a credential issued by his employer to log into the information-sharing portal to see the status of events in each respective area.
Resources are deployed more quickly and with greater focus based on the information shared.
Obama Unleashes N-STIC for Trusted e-Citizen Registry
National Strategy for Trusted Identities in Cyberspace (NSTIC)
The National Strategy for Trusted Identities in Cyberspace
My First Black President is Creating a Second Class UnTrusted (Non-Registered) Citizen vs ID Trusted Entity Citizenship
Obama is planning to Grant the U.S. Commerce Department Authority over cybersecurity efforts to create an Internet NSTIC TrustMark IDentity for Americans
On Jan 7th at the Stanford Institute for Economic Policy Research, Presidential Branch Officials; the U.S. Commerce Secretary Gary Locke and Cybersecurity Coordinator Howard Schmidt announced The National Strategy for Trusted Identities in Cyberspace or NSTIC. Where by creating two tears of online ID-entities Trusted and Untrusted. The project has already been under field testing since mid twenty-ten.
‘The National Strategy for Trusted Identities in Cyberspace (NSTIC), will be released by the president in the next few months. We are not talking about a national ID card, We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.’ Locke said
‘I don’t have to get a credential (register as a trusted entity), if I don’t want to. There’s no chance that a centralized database will emerge, and we need the private sector to lead the implementation of this. It’s the absolute perfect spot in the U.S. government to centralize efforts toward creating an identity ecosystem for the Internet.’ Schmidt said. cbs
Those that have taken the NSTIC will be allowed to post on sites, have a blog, bank or pay bills and be members. If you haven’t gotten NSTIC-ed then you will not be allowed curtain access or have specific membership accounts, as well as limit the types of files, programs, networks or activities that can be accessed. Non-NSTIC entities Activity could be subject to more tracking, higher security and slower connections as well.
Online or Offline the idea of My First Black President creating a second class or creating a less trusted, non-registered citizen is appalling and the Hope is dead with this Change.
The Government Can’t be involved in creating a registry of trusted individuals and non-trusted Individuals for access to communication, the public domain, the community or the marketplace.
The Proposal of such a Government idea is an affront to Equity, Justice, Honor, Freedom, Liberty and the Sovereign Individuals Fundamental Natural Rights.
Jim Dempsey of the Center for Democracy and Technology, also spoke at the event and said “Any Internet ID must be created by the private sector. The government cannot create that identity infrastructure, if it tried to, it wouldn’t be trusted.”
However I don’t Believe that having a unique ID for every American to be labeled Trusted will ever Be Trusted, even with “Private Sector” Multi-National Corporations such as AT&T, Verizon, Time/Warner, Microsoft, MSN, Yahoo, Google, In-q-tel, RAND etc. being in charge.
I don’t think after the Mainstream Insider Whistle Blowers Exposure of the Dark Fiber, Black Fusion Rooms in Every Telecommunications Relay Station in America Hooked Directly into Top Secret Federal Databases, nor After the WikiLeaks exposure of the Spy Information Menu’s from All the ISP, Telecoms, and Financial Companies for any Citizens information at Government set industry prices, rush fee and warrantless access fee extra, that there will be much Hope of Unique Citizen ID Internet Access.
We have been witness to the Complete Financial and Economic Industrial Collusion of Every Multinational in every election for the last 50 plus years and Now we are Informed About It.
This is something that the MutliNational Mainstream Networks Still Aren’t Allowing to be Address on the “News” because they would be seen for what they have done and do.
We will not give up the New Guttenberg Press that can reach the world instantly for any Centralized Electronic Cattle Tagging Scheme about National Security. No New STIC will Prod us into Giving Up Rights, Freedom and Liberty for Safety and Servitude.
The People of the World are awake and Freeing themselves of Usury and Fraud.
It is Hard and Painful but the Reset is happening, the Re-Public is Underway.
Come at us with your NSTIC and we will expose the corruption.
The More We know and the more We can Peacefully Resist, The Tighter You’ll Have to Squeeze, The More Brutal You’ll Become, The Bigger and Easier Your STIC will be for Everyone to See and Feel; and then the More the Freedom of the Information We Have the Faster You will Be Exposed and We Can Stand Peacefully, without Your Fear among us, United Undefeatable for Personal Liberty and Justice.
The Internet Far Out ways the Mainstream Networks on total viewers. Internet/Alternative information citizens are far more informed and active as citizens of the community than those remaining minority that are still on the couch with the “Private Sector” RanD Programming.
Don’t take the NSTIC, Resistance in Victory.