NSTIC, the National Strategy for Trusted Identitites in Cyberspace, is a U.S. government initiative for collaboration among private sector, advocacy groups, public sector agencies and other organizations to improve the privacy, security and convenience of sensitive online transactions.
The US Federal Identity, Credential and Access Management (Federal ICAM or FICAM) program is tasked with aligning the identity management activities of the U.S. government.
The Federal ICAM mission is to:
- Align federal agencies around common practices by fostering effective government-wide identity, credential and access management
- Collaborate with federal government and external identity management activities (non-federal, commercial and more) to leverage best practices and enhance interoperability
- Enable trust and interoperability in online transactions, through the application of common policies and approaches, in activities that cross organizational boundaries
It was sent to the CIOs of all executive departments and agencies. These included the Cabinet-level executive departments of Agriculture, Commerce, Defense, Education, Energy, Health and Human Services, Homeland Security, Housing and Urban Development, Interior, Labor, State, Transportation, Treasury, and Veterans Affairs, as well as Archives, Environmental Protection Agency, General Services Administration, Justice, National Science Foundation, Nuclear Regulatory Commission, Office of Personnel Management, Small Business Administration, Social Security Administration, and United States Agency for International Development.
Effective 90 days following final approval of at least 1 Trust Framework Provider agencies are to begin implementing the new requirement that will result in full implementation over next 3 years. Agencies are required to follow OMB policy and may only accept externally issued credentials that are issued in accordance with NIST and Federal CIO Council.
Approved Trust Framework Providers include InCommon Federation, Kantara and Open Identity Exchange.
National Institutes of Health (NIH) was the pilot implementation. NIH estimates that its identity management initiative will result in cost avoidance of more than $2.98 million for fiscal years 2011 through 2015. These savings will result from not having to manage user IDs and passwords for external users across approximately 50 systems.
InCommon Federation is not a federal activity, but it is an approved identity framework provider delivering services to the U.S. government and higher education. For information on IAMOhio standard agreements with InCommon, see InCommon Agreement.
National Science Foundation
The National Science Foundation has many programs that incorporate trusted identity for researcher initiatives:
Through Research.gov, Institutions Gain Streamlined Access to Federal Research Systems; NSF partners with InCommon Federation to provide grantee institutions single login and password
NSF InCommon Pilot Quick Reference Guide
About the InCommon Integration at Research.gov
Federal Demonstration Partnership
Research.gov and InCommon Overview
A Roadmap for Using NSF Cyberinfrastructure with InCommon
CACR, PTI researchers author InCommon roadmap for NSF Cyberinfrastructure
An Analysis of the Benefits and Risks to LIGO When Participating in Identity Federations
CILOGON and Federation: NCSA Cybersecurity Directorate