Hooepage Cybersecuritv Cyberpace Menschen
Nachrichtendienste kybernetische Waffen Bildung
Fachberichte BSI / Deutschland NIST / USA NIST / DRAFTNIST - WeissbuchJuornal - ArtikelSP 800... NIST
Original

Deutsch

Sep 30, 2016

NISTIR 8149

DRAFT Developing Trust Frameworks to Support Identity Federations

More and more, online service providers are struggling to find secure ways of verifying that their consumers are who they say they are while, at the same time, protecting their users' privacy. Some communities and organizations, that share common user bases and transaction types, are choosing to address these challenges by allowing their users to access multiple services through common login credentials. This approach -- known as federated identity management -- enables users to access multiple online organizations and services through shared authentication processes (instead of authenticating separately to each and every service provider).

This document provides an informational look at trust frameworks and explains what they are, what their components are, and how they relate to the concept of identity federation. In Draft NISTIR 8149, Developing Trust Frameworks to Support Identity Federations, NIST aims to educate communities that are interested in pursuing federated identity management, and provide a resource for them as they create the agreements and other components that will make up their trust frameworks. It includes guidance on determining roles in an identity federation, on what to consider from a legal standpoint, and on understanding the importance of establishing and recognizing conformance. Additionally, this document is intended to standardize the language around identity federation and trust frameworks in order to promote their widespread adoption.

Submitting Comments:

Commenters are STRONGLY encouraged to publicly collaborate with the NIST team, and with other participants, via the NISTIR 8149 GitHub pages.

OR, for those of you who prefer, we have provided a PDF version of NISTIR 8149 and traditional comment matrix for your use.

All comments, regardless of how they are provided to NIST, will be made public as a GitHub "issue".

Email comments to: trustframeworks@nist.gov(Subject: "Draft NISTIR 8149 Comments")
Comments due by: November 1, 2016

Draft NISTIR 8149 (HTML on GitHub)
How to Submit Comments (GitHub)
Submitted Issues (GitHub)
Draft NISTIR 8149 (PDF)
Comment Template

a