Toggle navigation
Home
About
Journal
Blog
Contact
Making Digital Services Secure and Trustworthy
Blog Archives
04/01/2023:
Evolving Government to Citizen Shared Identity Services
02/11/2023:
Escape from Apple's Walled Garden
06/11/2016:
Are We Having a Gone With the Wind Identity Moment in the US?
03/06/2016:
How To Connect Research and Startup Communities
02/14/2016:
Avoiding the Echo Chamber when Building a Research Agenda
01/31/2016:
Building a Bridge Across the Research Valley of Death
01/18/2016:
How to Work on the Wildly Important while Walking in a Windstorm
12/12/2015:
Why Should Digital Service Delivery Organizations Conduct R and D?
12/06/2015:
Federal Funding for Blockchain Security and Identity Verification Technologies
06/19/2015:
What Do Standards Have To Do With Impact?
06/03/2015:
The pursuit of happiness
02/11/2015:
Leaving GSA and FICAM
01/10/2015:
Will 2015 be the Year of Public Sector Digital Service Delivery?
12/14/2014:
My 10 Most Popular Blog Posts of 2014
12/06/2014:
Protecting Personal Data with Multi-Factor Authentication and Identity Proofing
11/30/2014:
The Monomyth Fallacy of Digital Service Delivery
11/23/2014:
How Identity Resolution Can Help Attribute Providers Overcome Blindness
11/16/2014:
RFI - EMV Enabled Debit Cards as Authentication Tokens?
11/08/2014:
Why Multi-Factor and Two-Factor Authentication May Not Be the Same
11/01/2014:
Identity Establishment, Management and Services
10/25/2014:
A C2G Identity Services Overview of Canada
10/18/2014:
A Simple Framework for Trusted Identities
10/12/2014:
What Is the Role of Transaction Risk in Identity Assurance?
10/05/2014:
Do the Majority of Public Sector Digital Services Need Credentials?
09/28/2014:
Are We Conflating Identity Verification and Compensating Controls?
09/21/2014:
Who Else Wants a Portable Token as the First Authentication Factor?
09/18/2014:
Please Take My 2014 Reader Survey
09/14/2014:
The Value of Sameness in a World Demanding Identity
09/06/2014:
Public Sector Identity Assurance Guidelines and Standards
08/30/2014:
Attributes are the New Money
08/23/2014:
Near Real-Time Anomaly Detection and Remediation
08/17/2014:
The Missing Link Between Tokens and Identity
08/09/2014:
Backpacking the Glacier National Park Gunsight Pass Trail
07/27/2014:
Should Level of Assurance be Scalar or a Vector?
07/19/2014:
What are KBA Metrics?
07/12/2014:
Identity Validation as a Public Sector Digital Service?
07/06/2014:
Relaxing, Recharging and Hiking in Banff National Park, Canada
06/17/2014:
Cybersecurity R&D Solicitation ($95M) Announced
06/14/2014:
Identity Assurance and Knowledge Based Authentication
06/07/2014:
FRAUD as a Digital Platform Service
05/31/2014:
The Venn of Identity Proofing and Identity Resolution Attributes
05/24/2014:
Breaking Identity Proofing to Enable Online Services
05/18/2014:
Leveraging User Experience Expectations at the RP
05/11/2014:
DIACC Launches in Canada
05/03/2014:
Should RP Business Process Data Collection and Validation be Outsourced to a CSP?
04/27/2014:
Quantitative Criteria for Evaluating Identity Resolution Data at the RP
04/13/2014:
Standardizing the RP Requirements for Identity Resolution
04/05/2014:
Context and Identity Resolution
03/29/2014:
The Trusted Role of an Attribute Broker
03/23/2014:
Three Indicators for Successful Public Sector Service Delivery
03/15/2014:
Proprietary Attribute Validation (Remote Identity Proofing) APIs
03/08/2014:
Yahoo, Identity Federation, and You as a Valuable Product
03/01/2014:
Fraudulent Account Activity Signaling and NISTIR 7817
02/22/2014:
Why are U.S. Financial Institutions Not at the Identity Table?
02/15/2014:
Identity Establishment, Verification and Validation
02/08/2014:
Fraudulent Account Activity Signaling in Broker/Proxy Models
02/01/2014:
International Travel and Mobile Data Access in Kerala, India
01/31/2014:
Government’s role in Identity Establishment [Event]
01/05/2014:
Data Minimization with Front Channel SAML Attribute Requests
12/27/2013:
My 10 Most Popular Identity Related Blog Posts of 2013
12/21/2013:
Five Habits of an Effective Executive
12/21/2013:
FICAM TFS Component Identity Services Terminology
12/14/2013:
Proxy Architecture
12/07/2013:
Is a CSP In a Federation, Without Identity Attributes, a Token Manager?
11/30/2013:
Are Federated Credentials and Continuous Identity Verification Compatible?
11/27/2013:
FICAM TFS Program at IDESG TFTM Committee [Event]
11/24/2013:
What Capabilities are Enabled by Public Sector Federated Identity Platforms?
11/16/2013:
U.S. Federal Government's Identity Federation Framework
11/10/2013:
Balancing Identity Assurance and User Enrollment UX
11/03/2013:
My Three Wishes for the Public Sector Identity Genie
10/27/2013:
Why Protocol Profiles are Critical for Interoperability
10/19/2013:
Who are the Natural Source of High Assurance Credentials for Public Sector Services?
10/14/2013:
Does a Credential of Last Resort Need to be Offered by Public Sector Services?
10/13/2013:
Do Not Go Gentle into That Good Night
10/11/2013:
Personal Data and Government by Dan Geer, CISO at In-Q-Tel
10/10/2013:
Does Public Sector Identity Federation have a Compelling Gain-to-Pain Ratio?
10/05/2013:
Local Credentials and Life in the Federation Glass House
10/01/2013:
Government Shutdown and Furlough
09/29/2013:
Does KBA and Public Sector Online Services Have a Future?
09/21/2013:
User Enrollment Challenges with PKI Credentials
09/14/2013:
How To Enroll a User, Even When There are No Shared Identifiers
09/07/2013:
Here Be Dragons - Social Security Number and Federation User Enrollment
08/31/2013:
If You Don't Plan For User Enrollment Now, You'll Hate Federation Later. Redux.
08/28/2013:
How to Bury an Issue [Quote]
08/24/2013:
Role of Multi-Sided Platforms in Identity Federation
08/19/2013:
Backpacking Yellowstone National Park
08/10/2013:
Federated Credential Use. A Tale of Poultry and Public Sector
08/04/2013:
Recommended Hike - A.T./Neighbor Mountain/Jeremy's Run
07/31/2013:
Back on the Grid ...
07/06/2013:
Identity Establishment and the Role of the Public Sector
06/30/2013:
Dear Maryland, Will You Be Wasting My Tax Dollars on Passwords?
06/28/2013:
Never Miss a Post if Reading this Blog via RSS
06/23/2013:
HOW TO Choose Attributes to Uniquely Identify a Person
06/19/2013:
Castles with Glass Doors
06/16/2013:
Tools for the Connected Backpacker
06/12/2013:
FICAM Information Sharing Day and Vendor Expo [Event]
06/09/2013:
Purity and Pragmatism in Standards Profile Compliance
06/05/2013:
Identity? Privacy? Authorization? It is all about Context!
06/01/2013:
What is the Value of an Assertion of Identity at LOA 1?
05/29/2013:
SIA Government Summit 2013 [Event]
05/25/2013:
An Emerging Standard for Identity Proofing and Verification
05/18/2013:
Likelihood of Alien Invasions and Assurance Levels
05/12/2013:
HOW TO Visualize Access Control Use Cases
05/04/2013:
Can Web APIs Bridge the Sharing and Safeguarding Gap?
05/01/2013:
New Ideas by William James [Quote]
04/27/2013:
If Identity is the New Money, Standardized Assurance is the Currency of Trust
04/23/2013:
Hiking the Appalachian Trail in Maryland
04/20/2013:
Why I Will Not Ride The (Trust) Elevator
04/13/2013:
Credential Manager in the Token and Attribute Manager Separation Model
04/10/2013:
Unfairness of Life by Marcus Cole [Quote]
04/06/2013:
Pace on the Path to Progress
03/30/2013:
Relying Parties as IdPs and Assurance Level Escalation
03/27/2013:
Limits of Power by David D'Alessandro [Quote]
03/23/2013:
Will Consumer IdPs Become the Maginot Line of Federated Identity?
03/16/2013:
Anonymity in the Token and Attribute Manager Separation Model
03/09/2013:
Visualizing the Needs of Attribute Consumers and Attribute Providers
03/02/2013:
HOW-TO Incorporate Risk Management into Assurance Level Determination
02/23/2013:
Tell Us Once or Tell Us Each Time; Implications for Digital Services
02/16/2013:
FFIEC and NIST Authentication Guidance. Does a Token Venn Diagram Exist?
02/13/2013:
A New Day by Ralph Waldo Emerson [Quote]
02/09/2013:
These Are Not The LOAs (1+,2+,3+) You Are Looking For. Move Along
02/08/2013:
5th Annual Adobe Government Assembly [Event]
02/06/2013:
NIST SP 800-63-2, Electronic Authentication Guideline, Released for Public Comment
02/02/2013:
Gov of Canada Approach to Separating Credential (Token?) and Identity Assurance
01/30/2013:
Innovation by Niccolo Machiavelli [Quote]
01/26/2013:
Hang Together or Hang Separately? U.S. Digital and Information Sharing and Safeguarding Strategies
01/19/2013:
User Consent in the Age of Attributes - Part 2
01/12/2013:
Can NIST E-Authentication Guideline SP 800-63-1 Support a Token-Attribute Separation Model?
01/05/2013:
A Model for Separating Token and Attribute Manager Functions
01/01/2013:
How WAYF implements informed consent for attribute release without storing PII
08/26/2012:
Meditation by Chief Tecumseh [Quote]
08/25/2012:
Backpacking in the Rocky Mountain National Park
05/26/2012:
FICAM Trust Framework Solutions - A Primer
03/13/2012:
Next Steps, Lack of Blog Posts and FICAM
12/31/2011:
NIST SP-800-63-1 Multi-Token Assurance Level Matrix
12/22/2011:
Privacy Preserving Attribute Validation using XACML
11/13/2011:
User Consent in the Age of Attributes
10/30/2011:
Reality of XACML PEP-PDP Interoperability - Part III
10/23/2011:
Standards Compliance - Balancing Purity and Pragmatism
10/15/2011:
Implications of US Gov Accepting Externally-Issued Credentials
10/11/2011:
US Gov public web sites required to accept federated credentials
10/08/2011:
User Attributes - More than Identity
10/02/2011:
HOW-TO Conduct a Risk Assessment to Determine Acceptable Credentials
09/21/2011:
How do you define step up authentication?
09/18/2011:
HOW-TO Fast Track to Federation for Web Sites
09/11/2011:
nymwars and All your real names are belong to US
09/11/2011:
FICAM Trust Framework Provider Trust and Privacy Criteria
08/31/2011:
Comparing BAE v2 SAML Profile(s) and OASIS XASP
08/27/2011:
FICAM Backend Attribute Exchange v2 Release Candidate available
07/04/2011:
Summer in the Shenandoah National Park
06/19/2011:
Converging Logical and Physical Access Control via XACML
06/18/2011:
What is the Federal ICAM Backend Attribute Exchange (BAE) v2?
06/12/2011:
Canvas Theory of Identity LOA vs Canvas Theory of Access Control
06/04/2011:
Want ABAC? Across Organizations? Start with Policy!
06/04/2011:
IIW East Session on Role of Government as Identity Oracle (Attribute Provider)
06/04/2011:
Federation Flows 3 - Authorization
06/04/2011:
Federation Flows 2 - Attribute Exposure
06/04/2011:
Federation Flows 1 - Authentication
06/04/2011:
Federal ICAM Support for Identity Federation Flows
05/01/2011:
Fair Information Practice Principles (FIPPs)
03/13/2011:
Identity Oracles - Trust is Ephemeral, Contracts are Eternal
03/03/2011:
Identity Oracles - A Business and Law Perspective
02/27/2011:
Identity Oracles and their role in the Identity Eco-System
08/12/2010:
Government's role as an Attribute Provider
08/03/2010:
Future of Identity Management is… Now!
04/17/2010:
Conveying Attribute Assurance
03/13/2010:
NIST SP 800-73-3 and PIV-I
06/06/2009:
SAML v2 Profiles for PIV Subjects and Backend Attribute Exchange
12/13/2008:
Reality of XACML PEP-PDP Interoperability - Part II
09/28/2008:
Reality of XACML PEP-PDP Interoperability
04/24/2008:
The Zen of Identity Attributes
11/10/2007:
SAML 2.0 Assertion Syntax
My old blog @
http://www.aniltj.com/blog/
I am a public interest technologist. I help organizations and leaders make digital services secure and trustworthy.
Learn more »
Blog Post Archives