Versions Compared

Old Version 4

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Attendees 

Ann West, Incommon

Colin Wallis, KI

...

Adam Madlin, IAWG participant

Ruth Puente, KI

IAWG Report provided by Scott Shorter 

  • IAWG finished the Kantara service assessment criteria for assessments against the requirements of NIST 800-63A at IAL2 and 800-63B at AAL2. There was a Public Comment and IPR Review Period, and there will be an All Member Ballot for final approval before publication of the two documents.
  • Service Assessment Handbook was published at the end of January and the Assessor Handbook will come soon.

SAFE BioPharma Report provided by Peter Alterman

  • SAFE BioPharma has merged with NH-ISAC. SAFE BioPharma maintains all the existing contractual relationships.
  • They completed their conformity profile for 800-63-3 A and B, the authenticator and identity proofer. They are incorporating federation requirements to their federated service standard documents, which will then be incorporated into 800-63-3 conformity profile as a complete set. Once it is ready, they will share it with the partners.
  • In the cross certification mapping, there is a technical discussion between Europeans and North Americans, which SAFE BioPharma is trying to normalize.
  • Matt King is the new CEO of SAFE Biopharma, and Peter Alterman position is Director of Policy and Compliance.

...


Incommon Report provided by Tom Barton

...

-GDPR has created problems for research and for European service providers. GEANT has created a Data Protection Code of Conduct, a code of conduct to handle personal information which was discussed during the workshop in Vienna on 6 February 2018. Research Service Provider could sign on this code of conduct. Code of Conduct link: https://wiki.refeds.org/display/CODE/GEANT+Data+Protection+Code+of+Conduct+workshop+6+February+2018

Open Mic

Topic: 800-63-3 Evaluating strengths of evidence. 

...

  • It was suggested to build up a body of knowledge and consensus about what types of identity evidence can meet FAIR, STRONG and SUPERIOR requirements, and discuss methodology to validate the evidence and verification of the identity.
  • Kantara offered to host a Working Group on this topic, where all interested parties can convene.
  • The idea would be to fill the grey areas in a collaborative way and have a common level of trust.
  • Common agreement among the stakeholders on the fundamentals.
  • It was suggested to make public an assertion by the TFPs that the assessor is approved and competent and has assessed the Service Provider under a known methodology and found that the processes conform to 800-63-3.  If there is a common understanding, the TFPs could trust on the assertion of each other.
  • Next steps: Draft a scope of work for the Joint Working Group and send it to theTFS mailing list before the next TFS Sync. Scott Shorter volunteered to send the first draft.  

Various

  • It was commented that GSA team reported that they are reviewing the comments submitted by the TFPs and talking to the federal agencies.

Action items:

  • Scott Shorter to share a Draft first draft of the Joint Working Group charter before the next TFS Sync.