Revised IDEF WG draft

IDEF Work Group Charter

  1. WG NAME (and any acronym or abbreviation of the name):

Identity Ecosystem Framework (IDEF) Work Group

2. PURPOSE: Please provide a clear statement of purpose and justification why the WG is necessary.

The purpose of the Work Group is to define and promote adoption of a framework--including a high-level systems architecture and a conformance-assessment scheme--for a secure, resilient, scalable, inter-operable, practical, cost-effective and privacy-preserving identity infrastructure for conducting transactions on the Internet.

The framework will incorporate or map to established standards, schemes and recommendations that address some of these performance goals, such as the Kantara 800-63-3 identity-assurance scheme. By clarifying relationships among the variety of incomplete or inconsistent mandates, standards, schemes and recommendations in this space It will reduce the confusion and risk created for both vendors and implementers of identity and access-management (IAM) solutions. Defining the framework will also highlight those areas where additional technology or standards work is needed to achieve the defined performance goals, such as for supporting cross-federation transactions, allocation of liability, and federating authorization attributes.   

3. SCOPE: Explain the scope and definition of the planned work.

This Work Group will continue to evolve and promote the use of the IDEF framework initially developed by the Identity Ecosystem Steering Group, Inc. 

The WG's primary focus is to maintain and evolve the IDEF framework, including: the architecture (as currently represented in the IDEFv1 Functional Model artifact); Requirements (with related guidance material) service providers must meet to implement IDEF-compliant services; and a conformance and assessment scheme, in anticipation that these will be implemented via the KI Assurance Review Board.

To promote use of the IDEF, the WG will also engage in activities to encourage adoption of the framework, including publicity, liaison arrangements, and development of artifacts (like mappings and sector-specific IDEF profiles) to facilitate adoption of IDEF-conformant implementations of identity services.

The scope of the IDEF architecture extends beyond a set of requirements for secure transactions. It includes, for example, a description of mechanisms for overall coordination of the Identity Ecosystem. 

The scope of the IDEF includes privacy as well as security (against fraud, cyber-attack, etc.); it also includes authorization (access control) in addition to authentication (identity.) Given a core objective of scalability, the Framework's scope also includes cross-federation inter-operability and the derived requirements like semantic inter-operability via mapping or standardization.

The IDEF WG will establish sub-working-groups as required, defined around activities ancillary to maintenance of the Framework itself. Initially these include:

  1. Service Assessment Scheme & Mappings sub-WG: develop and maintain the criteria for conformance with IDEF Requirements for self- and third-party assessors; coordinate with ARB and IAWG; map IDEF Requirements and assessment criteria to other frameworks to facilitate reciprocal acceptance of conformity assessments. 
  2. IDEF Profiles sub-WG: apply the Framework to specific sectors like Healthcare to develop use-case or sector specific solution architectures.  
  3. IDEF Registry sub-WG: in coordination with the Trust Framework Operations Program, develop requirements, a development road-map and funding strategy for sustaining and enhancing the KIEF IDEF Registry; in coordination with the ARB and IAWG, develop a strategy for implementing 3rd-party IDEF conformance assessment (as appropriate) and for supporting other Kantara frameworks within the Registry. 

In addition to serving as WG lead in the areas indicated, these sub-WGs will contribute to the principal WG deliverables—the Framework artifacts.

The WG will submit comments as appropriate on drafts of IAM-related standards, programs or mandates developed by other organizations.

The WG will develop reports for consideration by the LC as Kantara Reports on IAM topics related to the development of the Framework.   

Out of scope: the WG does not anticipate developing reference implementations of IDEF-conformant identity services, or commercial software products. The WG does not anticipate, at least initially, providing any IDEF services itself though there is some possibility of a requirement for some inter-federation coordination facility which may be appropriate for KI to provide in an operational role. 

4. DRAFT TECHNICAL SPECIFICATIONS:List Working Titles of draft Technical Specifications to be produced(if any), projected completion dates, and the Standards Setting Organization(s) to which they will be submitted upon approval by the Membership.

  1. IDEF v.1.1 Requirements and Supplemental Guidance. This will be a minor update to the existing IDESG IDEF v1, incorporating work-in-progress modifications in response to self-certification experience of initial IDEF Registry registrants, plus other revisions proposed by IDESG Committees but not advanced through the IDESG approval process. The target date for WG approval of IDEF v1.1. is TBD – suggest December 1, 2018.

  2. IDEF v.2 Including Requirements and Supplemental Guidance, but also revision of the IDEF v.1 Functional Model (the IDEF architecture document) and Glossary. It is expected that IDEF v.2 will include new or substantively revised Requirements requiring recertification of registrants (self-, 3rd-party or combination) Target for WG approval of IDEF v.2 is 2019 but specific date and scope will be defined in the next annual refresh of this Charter.

The WG proposes to manage the evolution of the IDEF within KI, following the example of KI's existing Identity Assurance Frameworks.

5. OTHER DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.

Deliverables below are targeted for 2019 to augment earlier versions of those already located in the Kantara Initiative Educational Foundation Inc. Specific dates and scope will be defined in the next refresh of this Charter.

  1. IDEF v.2 Service Assessment Scheme. Lead: SAC&M sub-WG. This will define specific tests, compliance certifications, etc. for assessing a service provider's offering against the IDEF v.2 Requirements. These will be suitable for use by a 3rd party assessor where that is appropriate or required for the level of certification applied for.
  2. IDEF v.2 Mappings. Lead: SAC&M sub-WG. These will include at least an updated mapping between Requirements of IDEF v.2 and the current KI IAWG framework; Other mappings.e.g., to GDPR, may be developed, depending on sponsorship and SME resources available., may be to GDPR requirements
  3. Healthcare Identity Assurance Profile of IDEF. Lead: IDEF Profiles sub-WG.
  4. IDEF Registry Phase 2 enhancement. Lead IDEF Registry sub-WG. The sub-WG will respond with appropriate activity resulting from the KIEF's success in obtaining funding to add IAM capability to the Registry service, and work as steward with related KI groups and programs to implement.


The Chair of the IDESG TFTM Committee shall serve as interim WG Chair, pending election of permanent leadership by vote of WG Participants at the initial WG meeting. 

WG elected leadership roles will be a Chair, Vice-Chairs who will also serve as team leads for the WG's sub-working groups, and an Editor.  The WG Chair will also appoint a Secretary. Duties of the persons occupying these roles are as defined here.

Three Sub-Working Groups are established (with foci as indicated above): 

  1. Service Assessment Criteria & Mappings (SAC&M) sub-WG
  2. IDEF Profiles sub-WG
  3. Registry sub-WG

Other sub-WG's may be established by the WG as required to conduct activities within the WG's Scope.

7. AUDIENCE: Anticipated audience or users of the work.

The immediate target audience for the work of the WG is providers of identity related products and Internet services, as well as the relying-party information services that require those products and/or services to support secure transactions and compliance with security, privacy or other regulations.

The IDEF will be of interest also to governmental authorities who need to understand how to construct regulations to meet their security, privacy, etc. goals so that they can be met using identity frameworks composed of products and services available in the market.

Indirectly, IDEF certifications and trustmarks will be of interest to end-users and consumer advocates who need understandable and reliable information to help them make informed decisions about the risks of interacting with other parties on the Internet.

8. DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).

The IDEF WG's program of evolving and promoting the IDEF is anticipated to be on-going, although releases of the Framework specifications and collateral artifacts will have defined scopes and target completion dates. 

9. IPR POLICY:  The Organization approved Intellectual Property Rights Policy under which the WG will operate.

Kantara Initiative IPR Policy|] - Option X \[[Non Assertion covenant is the default option

10. RELATED WORK AND LIAISONS:  Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.

Closely related work includes KI IAWG frameworks and assessment criteria; also related will be the Healthcare Identity Assurance WG program (when defined.)

Beyond the obvious linkage to the Kantara Initiative Educational Foundation Inc as the repository of the source documents of this work, Liaison relationships will be established as needed to other KI groups and should include IAWG, HIAWG, the Assurance Review Board, the Trust Framework Operations Program, and Kantara Europe.

11. CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.

The WG will be directed to the source IDEF framework artifacts in KIEF Inc —Functional Model, Requirements and Supplemental Guidance, and Glossary—plus IDEF-KI Mapping and all IDESG Committees' work-in-progress toward revision of IDEF.

12. PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members -

Martin Smith    –   – Individual member