Kantara Initiative Announces Identity Assurance Framework 2.0


PISCATAWAY, NJ--(Marketwire - May 17, 2010) -  Kantara Initiative, a global identity consortium promoting technical interoperability and harmonization to grow trust in Identity and Identity Access Management standards, products, and service deployments, today announced approval of its Identity Assurance Framework (IAF) 2.0 as a formal Kantara Initiative Recommendation.

Building upon previous identity assurance efforts within the Electronic Authentication Partnership, Liberty Alliance Project, and now Kantara Initiative, the IAF 2.0 Recommendation is the prime work deliverable of Kantara Initiative's Identity Assurance Working Group.

IAF 2.0 offers a standardized approach to define policies and practices for Credential Service Providers (CSPs), relying parties, and operators of federated identity networks to trust each other's users and information transactions at known, commonly agreed upon levels of assurance. Built upon the 4 commonly accepted levels of assurance scaling from low (Assurance Level 1) to high (Assurance Level 4) risk contexts, IAF 2.0 offers a common set of rules that enables interoperability across programs.

Designed to be technology agnostic, no specific requirements for technology protocol use are defined by IAF 2.0 and, as such, this framework has the potential to catalyze a whole new marketplace in the identity management market.

"IAF 2.0 establishes the criteria for a harmonized, industry-recognized identity assurance standard," said Frank Villavicencio, executive vice president, Identropy Inc., and Kantara Initiative Identity Assurance Work Group chair. "It is a Framework that provides clear definitions of identity assurance levels across various aspects of the identity lifecycle, which allows organizations to more easily federate."

IAF 2.0 is available for adoption and may be profiled to provide additional requirements for specific industry verticals, regardless of their current technology deployment. IAF 2.0 Recommendation is publicly available from:
 http://kantarainitiative.org/confluence/display/GI/Identity+Assurance+Framework+v2.0

"Kantara Initiative encourages governments, healthcare, financial services, and other vertical communities to adopt the identity Assurance Framework 2.0 in an effort to build harmonization and trust across all major technology protocols and jurisdictional policy requirements worldwide," offered Rich Furr, head, global regulatory affairs compliance, SAFE-BioPharma Association and Kantara Initiative Identity Assurance Working Group vice chair. "This approval of the Kantara Recommendation adds even more momentum to the growing adoption of IAF as the de facto common standard for establishing that trust."

IAF 2.0 is comprised of a set of six documents that includes an overview publication, the IAF Glossary, a summary document on Assurance Levels, and an Assurance Assessment Scheme, which encompasses the associated assessment and certification program. There are also several subordinate documents, such as the Service Assessment Criteria which establishes baseline criteria for general organizational conformity, identity proofing, credential strength, and credential management services against which all (CSPs) will be evaluated.

"Requiring Credential Service Providers to be certified through the Kantara Initiative Assurance Accreditation and Certification Program even further increases the level of trust in information transactions," said Nigel Tedeschi, IdM and PKI solutions designer at British Telecommunications and Kantara Initiative Assurance Review Board chair. 

About the Kantara Initiative Assurance Accreditation and Certification Program
The Kantara Initiative Identity Assurance Accreditation and Certification Program operationalizes the use of the IAF 2.0 so that organizations can adopt and certify end-user, CSP and Relying Party trust in services. It provides public and private sector organizations with a uniform means of relying on digital credentials issued by a variety of identity providers (credential service providers) in order to advance trusted identity and facilitate trusted public access to online services and information. Interoperability of e-authentication systems, mutual acceptance of rules, policies and supporting business processes is critical to the cost-effective operation of safe and secure systems that perform essential electronic transactions and tasks across industry lines.

Kantara Initiative anticipates accrediting assessors (or auditors) and certifying CSPs deployed across industry lines using a wide variety of open/standard identity technology. For more information on the program or how to apply visit:
http://kantarainitiative.org/confluence/display/certification/Identity+Assurance+Certification+Program

About Kantara Initiative
Kantara Initiative is a global, open, public-private, technology-agnostic forum comprised of identity ecosystem stakeholders. Co-founded by Liberty Alliance, Internet Society, and the Information Card Foundation, among others, its inspired mission is to promote technical interoperability and harmonization; to develop policy frameworks for operational interoperability and; to provide certification and assessment programs to grow trust in the standards, products, and service deployments. Kantara Initiative freely provides the governance and resources whereby diverse members of the ecosystem successfully collaborate on a diverse portfolio of common policy frameworks, technical specifications and deployment guidelines driven by the identity community, industry and governments from around the world. For more information about getting involved in Kantara Initiative, visit www.kantarainitiative.org.

Contact Information:

Media Contact
Michelle Hunt
Kantara Initiative
Michelle.Hunt@ieee-isto.org
+1 732 981-3434