KI IDEF WG proposed Charter draft

IDEF Work Group Charter

1. WG NAME (and any acronym or abbreviation of the name):

Identity Ecosystem Framework (IDEF) Work Group

2. PURPOSE: Please provide a clear statement of purpose and justification why the WG is necessary.

The purpose of the Work Group is to define and promote adoption of the IDEF (including a high-level systems architecture and a conformance-assessment scheme) - a secure, resilient, scalable, inter-operable, practical, cost-effective and privacy-preserving identity infrastructure for conducting transactions on the Internet. %%Along the lines of the comment at the end of the next paragraph. Keep the WG focused on the IDEF to start with and expand after the DG concludes.%%

The framework will incorporate or map to established standards, schemes and recommendations that address some of these performance goals, such as the Kantara 800-63-3 identity-assurance scheme. By clarifying relationships among the variety of incomplete or inconsistent mandates, standards, schemes and recommendations in this space, it will reduce the confusion and risk created for both vendors and implementers of identity and access-management (IAM) solutions. Defining the framework will also highlight those areas where additional technology or standards work is needed to achieve the defined performance goals, such as for supporting cross-federation transactions, allocation of liability, and federating authorization attributes. %%I’d suggest that this paragraph of the purpose become part of the Purpose of a new DG. This DG, in addition to what’s described in this paragraph, would have as its Output a document that identifies how the IDEF and IAF coexist.%%

3. SCOPE: Explain the scope and definition of the planned work.

This Working Group will continue to evolve and promote the use of the IDEF framework initially developed by the Identity Ecosystem Steering Group, Inc. 

The WG's primary focus is to maintain and evolve the IDEF architecture and to develop requirements and related guidance material with which service providers can implement IDEF-compliant services.


Since certification of conformance is intrinsic to the value of the IDEF, the WG will also develop conformance and assessment criteria, in anticipation that these will be implemented via the KI Assurance Review Board.

To promote use of the IDEF, the WG will also develop material that encourages adoption of the framework, including publicity, liaison arrangements, and development of artifacts (like mappings and sector-specific IDEF profiles) to facilitate adoption of IDEF-conformant implementations of identity services. %%with materials everyone in Kantara can promote it%%

The scope of the IDEF architecture (the "Functional Model" artifact) extends beyond a set of requirements for secure transactions. It includes (in placeholder form only at this point), for example, a layer for overall coordination of the Identity Ecosystem. Elaboration of this overall systems architecture is not an immediate objective for the WG but may provide a context for identifying the requirements for wide commercial implementation of the IDEF framework.

The scope of the IDEF includes privacy as well as security (against fraud, cyber-attack, etc.); it also includes authorization (access control) in addition to authentication (identity). Given a core objective of scalability, the framework's scope also includes cross-federation interoperability and the derived requirements for semantic interoperability via mapping or standardization.

The IDEF WG will establish sub-working-groups as required, defined around activities ancillary to maintenance of the Framework itself. These include: Service Assessment Criteria & Mappings (of IDEF to other frameworks); IDEF Profiles that apply the Framework to specific sectors like Healthcare. These sub-WGs will contribute to the principal WG deliverables—IDEF technical specifications—but may lead development of other IDEF-related draft recommendations (see below for examples.)

The WG will serve as steward for the IDEF Registry and work with the KI Trust Framework Operations Program to plan and implement enhancements. The Registry sub-WG will focus on these activities.

The WG does not anticipate developing reference implementations of IDEF-conformant identity services, or commercial software products. The WG does not anticipate, at least initially, providing any IDEF services itself, though there is some possibility of a requirement for some inter-federation coordination facility which may be appropriate for KI to provide in an operational role.

4. DRAFT TECHNICAL SPECIFICATIONS: List Working Titles of draft Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting Organization(s) to which they will be submitted upon approval by the Membership.

  1. IDEF v.1.1 Requirements and Supplemental Guidance. This will be a minor update to the existing IDESG IDEF v1, incorporating work-in-progress modifications in response to self-certification experience of initial IDEF Registry registrants, plus other revisions proposed by IDESG Committees but not advanced through the IDESG approval process. The target date for WG approval of IDEF v1.1 is TBD – suggest December 1, 2018.

  2. IDEF v.2, including Requirements and Supplemental Guidance, but also revision of the IDEF v.1 Functional Model (the IDEF architecture document) and Glossary. It is expected that IDEF v.2 will include new or substantively revised Requirements requiring recertification of registrants (self-, 3rd-party or combination). Target for WG approval of IDEF v.2 is 2019, but specific date and scope will be defined in the next annual refresh of this Charter.

The WG proposes to manage the evolution of the IDEF within KI, following the example of KI's existing Identity Assurance Frameworks.

5. OTHER DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.

Deliverables below are targeted for 2019 to augment earlier versions of those already located in the Kantara Initiative Educational Foundation Inc. Specific dates and scope will be defined in the next refresh of this Charter.

  1. IDEF v.2 Service Assessment Scheme. Lead: SAC&M sub-WG. This will define specific tests, compliance certifications, etc. for assessing a service provider's offering against the IDEF v.2 Requirements. These will be suitable for use by a 3rd party assessor where that is appropriate or required for the level of certification applied for.
  2. IDEF v.2 Mappings. Lead: SAC&M sub-WG. These will include at least an updated mapping between Requirements of IDEF v.2 and the current KI IAWG framework. Other mappings, e.g., to GDPR requirements, may be developed, depending on sponsorship and SME resources available.
  3. Healthcare Identity Assurance Profile of IDEF. Lead: IDEF Profiles sub-WG.
  4. IDEF Registry Phase 2 enhancement. Lead: IDEF Registry sub-WG. The sub-WG will respond with appropriate activity resulting from the KIEF's success in obtaining funding to add IAM capability to the Registry service, and work as steward with related KI groups and programs to implement.


6. LEADERSHIP: 

The Chair of the IDESG TFTM Committee shall serve as interim WG Chair, pending election of permanent leadership by vote of WG Participants at the initial WG meeting. 

WG elected leadership roles will be a Chair, Vice-Chairs who will also serve as team leads for the WG's sub-working groups, and an Editor. The WG Chair will also appoint a Secretary. Duties of the persons occupying these roles are as defined here.

Three Sub-Working Groups are established (with foci as indicated above): 

  1. Service Assessment Criteria & Mappings (SAC&M) sub-WG
  2. IDEF Profiles sub-WG
  3. Registry sub-WG

Other sub-WGs may be established by the WG as required to conduct activities within the WG's Scope.

7. AUDIENCE: Anticipated audience or users of the work.

The immediate target audience for the work of the WG is providers of identity-related products and Internet services, as well as the relying-party information services that require those products and/or services to support secure transactions and compliance with security, privacy or other regulations.

The IDEF will be of interest also to governmental authorities who need to understand how to construct regulations to meet their security, privacy, etc. goals so that they can be met using identity frameworks composed of products and services available in the market.

Indirectly, IDEF certifications and trustmarks will be of interest to end-users and consumer advocates who need understandable and reliable information to help them make informed decisions about the risks of interacting with other parties on the Internet.

8. DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).

The IDEF WG's program of evolving and promoting the IDEF is anticipated to be on-going, although releases of the Framework specifications and collateral artifacts will have defined scopes and target completion dates. 

9. IPR POLICY:  The Organization approved Intellectual Property Rights Policy under which the WG will operate.


Kantara Initiative IPR Policy (https://kantarainitiative.org/wp-content/uploads/2014/08/KantaraInitiativeIPRPolicies_V2.0.pdf) - Option X [Non Assertion covenant is the default option]


10. RELATED WORK AND LIAISONS:  Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.


Closely related work includes KI IAWG frameworks and assessment criteria; also related will be the Healthcare Identity Assurance WG program (when defined).


Beyond the obvious linkage to the Kantara Initiative Educational Foundation Inc as the repository of the source documents of this work, liaison relationships will be established as needed to other KI groups and should include IAWG, HIAWG, the Assurance Review Board, the Trust Framework Operations Program, and Kantara Europe.

11. CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.


The WG will be directed to the source IDEF framework artifacts in KIEF Inc—Functional Model, Requirements and Supplemental Guidance, and Glossary—plus IDEF-KI Mapping and all IDESG Committees' work-in-progress toward revision of IDEF.


12. PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - https://kantarainitiative.org/members/

Martin Smith    –     martin.smith@acm.org   – Individual member

YOUR NAME HERE