"NSTIC Day" Proposed Agenda
As NIST previously announced, we have opted to forgo a formal NSTIC technology and standards workshop this fall in favor of playing an active role at IIW; IIW, in turn, has been generous enough to offer up the second day of the event as “NSTIC Day” – both creating a space for NIST to propose sessions on a few key topics.
While IIW is an “unconference” where the agenda is created live at the event each morning, the following represents the sessions NIST intends to propose for the event:
- NSTIC Update: The NSTIC program has been quite busy over the summer, with major progress made on a variety of fronts including: establishment of an Identity Ecosystem Steering Group, work to enable agency adoption of approved third party credentials; preparation of pilot programs and establishment of a formal NSTIC program office. This session will provide an opportunity for attendees to get an update on the state of the NSTIC program and ask questions of Jeremy Grant, the program manager.
- Interoperability: What does "interoperability" really mean (and what should it mean) in the context of NSTIC? How can multiple solutions, i.e., different technology & policy "stacks" coexist in the Identity Ecosystem? Is there a single architecture that can support multiple solutions?
- Standards Development: NSTIC envisions that a steering group will take the lead on identification and development of standards to support the Identity Ecosystem. There are a number of standards development organizations (SDO’s) that play a role today in the identity and authentication standards worlds. This session will seek input on 1) what standards exist today that are an appropriate foundation for the Identity Ecosystem; 2) where new or better standards are most needed, and 3) which organizations (or organizations) are best positioned to tackle the standards work.
- Technology in the Context of NSTIC Guiding Principles: NSTIC has four guiding principles – that identity solutions be: 1) Privacy-enhancing and voluntary; 2) Secure and resilient; 3) Interoperable and 4) Cost-effective and easy-to-use. In the marketplace of identity solutions, do some technologies stand out as being more suitable than others to align with these principles? Are there some that might be inherently at odds with them? Or is technology simply a tool, with the real issue lying in the details of how it is implemented?
In addition, IIW will be creating a space during NSTIC day for firms to exhibit and demonstrate identity and authentication technologies and solutions. One of the big questions we are always asking is: what new (and potentially disruptive) technologies, architectures, and business models are emerging that may support the NSTIC vision? This space will be the place for both established players, as well as small businesses and entrepreneurs, to present their offerings.
In keeping with the unconference format, we also look forward to seeing NSTIC-related sessions proposed by other IIW attendees.
Government attendees at IIW include:
- Jeremy Grant, National Institute of Standards and Technology
- Ross Micheals, National Institute of Standards and Technology
- Tim Polk, National Institute of Standards and Technology
- Naomi Lefkovitz, White House National Security Staff
- David Temoshok, U.S. General Services Administration