Operations
6/6/2016
02:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New IDESG Service Empowers Organizations To Better Protect Digital Identities

Registry is Key Step in Growing Healthy and Secure Online Identity Ecosystem

WASHINGTON, DC (June 6, 2016) – The Identity Ecosystem Steering Group (IDESG) – an independent, non-profit organization dedicated to creating the future of trusted digital identities – today announced a new service that empowers organizations to improve the way they handle identities. The Identity Ecosystem Framework (IDEF) Registry brings the digital identity community closer to realizing the White House’s vision for trusted identities in cyberspace.

Every organization involved in online identity transactions plays a key role in creating and sustaining a healthy online identity ecosystem. The IDEF Registry allows companies to independently assess their own identity management methods against common industry practices. Using the IDESG’s Identity Ecosystem Framework as a model, organizations can now master and build on commonly accepted criteria for interoperability, privacy, security and usability. Meeting milestones in these subject areas is essential to ensuring that digital identities are protectedand trustworthy online.

“This is an essential step in creating a safer environment for online transactions,” said Salvatore D’Agostino, President of the IDESG and CEO of IDmachines, LLC. “By equipping organizations involved in online transactions with a tool to measure where they stand relative toaccepted policies and best practices, we’re promoting a safer internet on two levels. We’re making industry-accepted best practices more accessible to organizations who want to meet them, and providing a structured benchmark to organizations and individuals that want to use safer protocols for their digital transactions and information management.”

The Registry is an actionable step in the Identity Revolution, and the first opportunity of its kind for online identity service providers and owners and operators of applications that register, issue, authenticate, authorize and use identity credentials to prove that they operate secure platforms for their customers. Those that voluntarily register with the Registry publicly demonstrate their dedication to best practices in identity management. In addition to increasing participating organizations’ value and trust in the marketplace, the Registry gives them access to their industry’s most cutting-edge methods for identity management.

Initial listers include some of the preeminent companies in the identity space, such as MorphoTrust and PRIVO. 

“As a founding member of the IDESG, PRIVO understands the level of commitment, subject matter expertise and vision required to bring the Registry to life,” said PRIVO Co-founder and CEO Denise Tayloe. “We are very proud to be one of the first services to hold ourselves accountable to the IDEF requirements that support a privacy-preserving, interoperable, secure, easy-to-use credential for families we serve, in order to protect and enable young users to engage and transact online.” 

The IDESG has a pipeline of applicants and anticipatessignificant demand to join these early adopters to complete the process. Listing in the IDEF Registry is currently free for those who self attest. 

"An Internet built around the identity principles of the Identity Ecosystem Framework, is in the best interest of us all as individuals,” said Mark DiFraia, Senior Director of Market Development at MorphoTrust. “MorphoTrust is proud to be one of the first organizations to join the IDEF Registry because we made the investment to build our online identity solution from the ground up to deliver on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Principles.  It is our sincere hope that the combination of NSTIC principles, the IDEF and now the IDEF Registry apply the right amount of pressure to shape the behavior of online players for the benefit of us all.”


For more information on The Identity Ecosystem Framework Registry, visit IDEFRegistry.org

About the Identity Ecosystem Steering Group (IDESG)

IDESG is a voluntary, public-private partnership dedicated to developing an Identity Ecosystem Framework (IDEF) and services to better online digital identity. The IDESG looks to advance the Identity Ecosystem called for in the National Strategy for Trusted Identities in Cyberspace (NSTIC). The NSTIC, signed by President Obama in 2011, envisions the identity ecosystem as an online environment where individuals and organizations will be able to trust each other because they follow agreed-upon standards and policies to obtain and authenticate their digital identities. Come see how IDESG is making this happen by joining us in the effort and taking advantage of our services at IDESG.org

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
How Systematic Lying Can Improve Your Security
Lance Cottrell, Chief Scientist, Ntrepid,  10/11/2017
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Marc Wilczek, Digital Strategist & CIO Advisor,  10/12/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.