NIST Recommends Creation of Private Sector-Gov’t Steering Group

The National Institute of Standards and Technology proposed Tuesday Feb 7, 2012 the establishment of an independent identity ecosystem steering group, led by the private sector but working with the federal government, to identify and develop standards and policies to assure the security of online transactions.

Image via Wikipedia

The recommendations propose a way to implement the National Strategy for Trusted Identities in Cyberspace, known as NSTIC (pronounced n-stick), a White House initiative to get businesses, advocacy groups, governments and others to improve the privacy,security and convenience of online transactions [see White House Unveils Online Authentication Plan].

“While NSTIC is a government initiative, the identity ecosystem it envisions must be led by the private sector,” Jeremy Grant, NIST’s senior executive advisor for identity management, said in a statement accompanying the release of the report [see Fed’s NSTIC Point Man Jeremy Grant Explains Government’s Role].

“The recommendations we published lay out a specific path to bring together all NSTIC stakeholders to jointly create an online environment, the ecosystem, where individuals and organizations will be able to better trust one another, with minimized disclosure of personal information,” Grant said

NIST, charged by the White House to study the establishment of such a forum, said the group should be structured to safeguard protections for individual privacy and the underrepresented, through mechanisms such as a special privacy coordination committee and an appointed ombudsman.

To get the group started, NIST recommended the government initially fund it through a competitive, two-year grant that would ensure no barriers exist to prevent participation. After a period of initial government support, NIST said, the steering group would need to establish a self-sustaining structure capable of allowing continued growth and operational independence.

The NIST report also includes a recommended charter to help jumpstart the steering group’s initial activities.

NIST also announced its intention to issue a so-called federal funding opportunity for an organization to convene the steering group and provide it with initial secretarial, administrative and logistical support.

Last June, NIST solicited public feedback on the steering group, and received 57 responses. Some 270 people also participated in a workshop, including representatives of business and consumer advocacy groups.

Next up, a March 15 workshop for stakeholders at the Department of Commerce, which NIST is part of, to review the findings and kickoff NSTIC implementation activities in advance of the formal formation of the steering group later in the spring.

Source: http://www.bankinfosecurity.com/articles.php?art_id=4481