trust-el message
Subject: Notes from November 6th Trust Elevation Call


Below are the notes from our Nov 6th Trust Elevation Call

 

Highlights from the notes: Our first face-to-face meeting is November 9-10 at the Marriott Renaissance, DC, with a call bridge for those who can't attend in person.

 

Pre meeting action items:

        Identify categories of methods (e.g. static KBA) that should be included in the survey and be discussed in the meetings.

        Send use cases to the list or to Mary for discussion on the 10th.

 

-Mary

 

Minutes for the fifth meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee

3 November, 2011

 

1. Call to Order and Welcome.

 

2. Roll Call

Attending (please notify me if you attended the meeting but are not on the list below)

Abbie Barbir, Bank of America  - y

Anil Saldhana, Red Hat  - y

Brendan Peter, CA Technologies - Y

Carl Mattocks, Bofa  - Y

Cathy Tilton, Daon - y

Charline Duccans, DHS

Duane DeCouteau

Colin Wallis, New Zealand Government  - y

Dale Rickards, Verizon Business  - y

David Brossard, Axiomatics - y

Dazza Greenwood – y

Debbie Bucci, NIH 

Deborah Steckroth, RouteOne LLC

Detlef Huehnlein, Federal Office for Information

Don Thibeau, Open Identity Exchange  - y

Doron Cohen, SafeNet

Doron Grinstein, BiTKOO

Ed Coyne, Dept Veterans Affairs  - y

Ivonne Thomas, Hasso Plattner Institute

Jaap Kuipers, Amsterdam

Jeff Breburg, CA

John Bradley

John "Mike" Davis, Veterans Affairs  - y

John Walsh, Sypris Electronics

Julian Hamersley, Adv Micro Devices

Kevin Mangold, NIST  - y

Marcus Streets, Thales e-Security

Marty Schleiff, The Boeing Company

Mary Ruddy, Identity Commons  - y

Massimiliano Masi, Tiani "Spirit" GmbH   - y

Nick Pope, Thales e-Security

Peter Alterman, NIST  - y

Rebecca Nielsen, Booz Allen Hamilton - y

Rich Furr, SAFE-BioPharma Assn

Ronald Perez, Advanced Micro Devices

Scott Fitch, Lockheed Martin

Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A.  - y

Shahrokh Shahidzadeh (Intel Corp) 

Thomas Hardjono, M.I.T.  – y

William Barnhill, Booz Allen Hamilton

55 percent of the voting members were present at the start of the meeting.  We had quorum.

 

We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el - chat room text is included at the end of the minutes.

 

2. Agenda review and approval
 
There were no additions to the agenda.
 
3. Approve Minutes
 
Abbie asked if people had time to look at the minutes and if there were any objections to approval. None heard. Minutes were approved.
 
4. Abbie introduced the next item on the agenda which is face-to-face meeting details, and asked Don to explain. 
 
Don stated that Open Identity Exchange, next Wednesday and Thursday in Washington DC, will hold a series of meetings regarding some of the pilots OIX will be announcing on attribute binding. These are testing user assertions at a very basic level. Verizon, Google and other participants are providing a briefing for potential RPs for government and industry sectors including media, entertainment, and financial services. For the OIX meeting on the 9th there will be a description of these proposed pilots that will begin in 2012, as well as some context from other perspectives: a review of legal and policy issues and a review by representatives looking at non-US government perspectives. Lastly there will be a panel discussion of the perspectives on attribute binding as it relates to trust elevation. This will allow us to talk about our OASIS work and also to discuss scenarios. That meeting is open to all at no charge at the Marriott Renaissance.
 
The TC is invited on the 9th and members are encouraged to be involved in the panel discussion. The panel is scheduled for 2:30 on the afternoon of the 9th at the OIX meeting. The following day, the morning of Nov 10th, there is a room at the Marriott that is dedicated to a TC face-to-face meeting, and the meeting will continue throughout the day if necessary.
 
Abbie will continue the face-to-face meeting until 4:30.
 
Abbie asked how many will be in DC for the 9th and how many would like the face-to-face to start on the afternoon of the 9th at 4:00 if Don can find a room for us?
That is one option, otherwise he encouraged TC members to come for the panel and officially start on the 10th.   Since this was too short notice for a formal ballot, Abbie asked members to indicate their interest in the chat room.
 
For the face-to-face, Abbie wanted to identify categories of identity methods for trust elevation.  KBA is one category.  He wants to get consensus on what other items should be.
We can do this during the call and through email.
 
Abbie wants to start to look at the structure of the document and identify the main categories of content. Static or dynamic KBA is one area. He would like to cover and mature this topic.
A second is mobility and mobile device identification and binding techniques. That is, how can we elevate trust by knowing the actors based on software, device, and other factors? General hardware/software tokens and OTP methods, and how they can relate together to elevate trust. He asked for more input.
 
Peter commented that he would definitely like to have the opportunity to get input on trust elevation and transaction trust methods during this period. There are a couple of other administrative things we may want to talk about as well.
 
It was commented that Mary is putting this in the notes, so we will make sure it is an item on the agenda. He would like to look at native app based trust, or how it relates to the device that is used to start the transaction. For example cookies, how vulnerable or un-vulnerable they are, and their role in elevating trust. So we need to have a common understanding of what trust elevation means. It can be something you have, know, are or inherit. Ideally you want one factor out of each category, but the choice of the 1 or 2 factors you need for extra trust is a function of the vulnerabilities you want to address. That is, if you have ABC vulnerabilities, the combination of XYZ factors better addresses those vulnerabilities.
 
The goal is to have something measurable on how to really elevate trust, vs. [merely] enhance trust and reduce vulnerabilities. So we should put that discussion on the agenda for the afternoon of the 10th so that we can have a checked table for the model.
 
Abbie asked if there was additional discussion on this point.
 
Peter commented that it sounds good.
 
Abbie commented that we have agreement.
 
Abbie would really like at least one of the editors to be at the face-to-face. So he asked for an indication of attendance. There will be multiple editors participating.
 
For those not attending the face-to-face, Abbie will provide a call bridge.
 
5. Use cases.
 
Abbie did submit an updated draft use case. People should submit use cases before the F2F. Send your use cases, even in draft, before the F2F so they can be put on the agenda. One of the outputs of the F2F will be a skeleton of the first draft. The intention of his first use case is just to be illustrative. Abbie asked if we should open the use case now or at the F2F.
It would be good to open it; we can look at it now or at the F2F.
 
Peter suggested we review it now.
 
Abbie pasted the link in the chat room. The title is Static KBA Use Case. Hopefully we will build upon it. All use cases should have this meta info to make the life of the editors easier. This KBA is equivalent to secret questions. For some banks, if the bank notices you are coming from a different machine or IP address, it will trigger these questions. For some of these characteristics/factors the bank may trigger an extra auth step before proceeding. The triggers vary. The bank risk engine indicates that something may have happened and that it needs to elevate trust before granting access. Some of the registration technologies either allow you to select a question or select from among a known set of questions. Sometimes a user can get initial access, but needs more auth if they want to do something more sensitive. This can include OTP or SMS or email or even a phone call. A phone call could be talking to a rep or a voice print. This adds more trust. So if we want to examine use of KBA, we need to start looking at it and its vulnerabilities. KBA can be very weak. There has been a history of accounts being hacked. We need to understand KBA's vulnerabilities and under what circumstances [it is vulnerable]. This is a topic we can use to jump start the discussion.
 
Peter had one question that is a little off point. This use case assumes that security questions are collected at the identity enrolment stage. Is this the more likely scenario, or is it more likely that sites will acquire their secret questions and answers from a data provider such as Equifax or LexisNexis?
 
Abbie commented that this is a very good question. Any of these are possible. In his use case, these are required at registration. So the questions are how good the LexisNexis [database] is, and how good the hacker is at collecting information.
 
The issue of the ANSI identity proofing standard was raised. There is ongoing work to change the US standard. LexisNexis is leading the effort. They know that questions are totally hackable. That is one thing we need to look at!
 
Dale commented that after talking to organizations like LexisNexis, a KBA type approach can only be used in the US if you are looking at public data. The wider world has regulations that protect that. KBA is good in the US, but outside the US has huge problems.
 
Abbie commented there are also cultural issues. So he personally thinks static KBA should not be used. KBAs are fake in terms of elevating trust. They are more of a problem than a solution.
 
Mike commented that a key issue people are seeking [an answer to] is how to do remote auth without appearing in person. So whatever we do, we should strive for that goal. The end goal is to enable persons to elevate trust without in-person presence.
 
Abbie indicated that this is on the list and should be addressed at the first F2F. If you do remote proofing, how do you trust the other party? A DMV credential could be scanned and validated from the source on the fly. There is a project to enable this involving the White House. This is one thing that is important.
 
Peter wants to make a distinction between publicly available information and information gathered at time of enrollment that is unique to the relationship.
 
Abbie commented that this is excellent. This is part of the analysis that should be discussed. Also, one can use a trusted first party for enrolment. This is exactly what we need to put in the use case and highlight in the analysis. This is what we should clearly discuss on the 10th, to have a good strategy and input to the first deliverable and to decide what to do with the item, which is the 3rd deliverable.
 
Dale commented at the OIX meeting, Verizon will be giving a demo of what we do to vet identity. People may be interested in participating in that demo.  And you will see the model with a KBA used at that demo.  
 
Don indicated that this demo will be mid morning, and presented by Paul Donfried, a colleague of Dale’s. 
 
The demo is only US based, since we can’t do KBA outside the US.
 
Abbie really encouraged everyone in the TC to attend the OIX event on the 9th. It is a rare opportunity to see key players and projects. This is a golden opportunity to interact with the right players.
 
Abbie asked for an indication of those who plan to submit a use case before the 10th.
 
Thomas would like to submit a use case, but won't make it before the 10th.
 
Abbie encouraged Tom and others to send even drafts to the list so that the TC can see where the members are coming from.  He urged people not to wait for the F2F.  
 
This will enable the editors to start putting the first document together.  We need to put the technologies and key issues we need to address in writing.
 
Dazza is planning a submission on patient identity with Kantara. It is on auth at a higher level of assurance. It is on the design board and he hopes to have it before the meeting.
 
Abbie indicated that Intel has a device for a secure ID token that may be involved in a couple of use cases.
 
Abbie also commented that we need to look at synthetic IDs (i.e. credentials without a carbon human.) They are in systems everywhere. So this will be another use case.
 
There was a discussion about who the editors were and which editors would be at the F2F.  Shaheen is one. Peter is one and will be at part of the F2F.  Thomas is one, but will probably not attend in person.
 
The roll call was reviewed. It was noted that one more person had joined.
 
Abbie made a statement about attendance. Mike Davis emailed the list that the voting members list wasn't updated on the OASIS website. We had been tracking attendance locally. We worked on it yesterday and updated the public list on the roster to reflect voting members. We had some setbacks with the initial creation of the TC list not reflecting initial voting member status before the cutoff for the first meeting.
 
Mary commented that the voting status was updated on the OASIS site and correct as of last night.
 
Abbie stated that if you think your status is wrong, let him know.  Starting from this meeting voting status will be on the public site. You either gain or lose [voting status] based on participation.
 
Abbie asked if there were any questions.  There were none.
 
Peter moved to adjourn and Brendan seconded.
The meeting was adjourned.
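The step-up flow in the static-KBA use case discussed above (risk-engine triggers, choosing the extra factor by the vulnerability it is meant to address, and the point that KBA answers sourced from public records add little), written out as an added illustrative example. This is not part of the minutes or of any TC deliverable; the factor names, threat labels, coverage table and tie-break order are assumptions made for this example, not a standard or any product's actual policy.

```python
"""
Illustrative risk-triggered step-up (trust elevation) policy.

A risk engine notices an unknown device, a foreign IP, or a sensitive
action and decides which enrolled factor(s) to challenge with.  Every
label and table below is an assumption for this example, not a
standard or a real product's policy.
"""
from dataclasses import dataclass

# Which weakness each factor is assumed to close (assumption).
FACTOR_COVERAGE = {
    "static_kba":   frozenset({"stolen_password"}),
    "sms_otp":      frozenset({"stolen_password"}),
    "hardware_otp": frozenset({"stolen_password", "sim_swap"}),
    "voice_print":  frozenset({"stolen_password", "sim_swap"}),
}
# Something you have / know / are, as the minutes phrase it.
FACTOR_CATEGORY = {
    "static_kba": "know", "sms_otp": "have",
    "hardware_otp": "have", "voice_print": "are",
}
# Tie-break order when several factors cover the same threats (assumption).
PREFERENCE = ["hardware_otp", "voice_print", "sms_otp", "static_kba"]
SENSITIVE_ACTIONS = {"transfer", "change_contact_details"}


@dataclass(frozen=True)
class Profile:
    known_devices: frozenset
    home_country: str
    enrolled: frozenset   # factors the user can be challenged with
    kba_source: str       # "enrollment" (relationship-specific) or "data_provider" (public records)


@dataclass(frozen=True)
class Attempt:
    device_id: str
    ip_country: str
    action: str


def required_coverage(profile: Profile, attempt: Attempt) -> frozenset:
    """Threats the risk engine wants addressed before access is granted."""
    needed = set()
    if attempt.device_id not in profile.known_devices or attempt.ip_country != profile.home_country:
        needed.add("stolen_password")            # session may not be the account holder
    if attempt.action in SENSITIVE_ACTIONS:
        needed |= {"stolen_password", "sim_swap"}  # SMS-only step-up is not enough here
    return frozenset(needed)


def effective_coverage(factor: str, profile: Profile) -> frozenset:
    """Coverage a factor actually provides for this user."""
    if factor == "static_kba" and profile.kba_source == "data_provider":
        return frozenset()  # public-record answers: assume the attacker has them too
    return FACTOR_COVERAGE[factor]


def select_step_up(profile: Profile, attempt: Attempt):
    """Return the factors to challenge with: [] when no step-up is needed,
    None when the enrolled factors cannot close every required gap."""
    remaining = set(required_coverage(profile, attempt))
    candidates = [f for f in PREFERENCE if f in profile.enrolled]
    chosen = []
    while remaining:
        # Greedy: the factor closing the most open gaps; ties go to PREFERENCE order.
        best = max(candidates, key=lambda f: len(effective_coverage(f, profile) & remaining),
                   default=None)
        if best is None or not (effective_coverage(best, profile) & remaining):
            return None  # cannot elevate far enough: deny, or route to a human
        chosen.append(best)
        remaining -= effective_coverage(best, profile)
        candidates.remove(best)
    return chosen


if __name__ == "__main__":
    # Constructed sample user: KBA answers collected at registration, plus SMS OTP.
    user = Profile(frozenset({"dev-1"}), "US", frozenset({"static_kba", "sms_otp"}), "enrollment")
    for attempt in (Attempt("dev-1", "US", "view_balance"),
                    Attempt("dev-9", "US", "view_balance"),
                    Attempt("dev-9", "US", "transfer")):
        print(attempt.action, attempt.device_id, "->", select_step_up(user, attempt))
```

The third sample attempt (a transfer from an unknown device) returns None because neither SMS OTP nor static KBA is assumed to address SIM swap, which is the kind of gap the "checked table for the model" is meant to expose; a user with the same questions sourced from a data provider gets no lift from them at all.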
 
 
>>>>>>>>>>>>>>>>>>>>>>>> 
don thibeau oix: The Trust Elevation TC F2F Meeting will begin at 9:30 in a room reserved for TC members only in Washington DC at the Renaissance Marriott Hotel at  http://www.marriott.com/hotels/travel/wasrb-renaissance-washington-dc-downtown-hotel/
don thibeau oix: On November 10
don thibeau oix morphed into Don Thibeau Open Identity Exchange
abbie: Passcode: 637 218 8139
Int'l Toll: 1-980-939-6928
Dial-In Numbers - (Please see Conference Shortcuts Below)
Int'l Toll: 1-980-939-6928 Local
- Australia, Sydney: +61 (0) 2 8064 4811
Agenda
 CHAT ROOM
http://webconf.soaphub.org/conf/room/trust-el
1. Roll Call
2. Agenda review and Approval
3. Approve Minutes
4. F2F details and update
5.  Discuss use case http://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php
6. Discuss potential use contributions to comprehensive list of methods  from each participant
7. Editors to propose a document first draft before the November F2F (update)
8. Attendance Update
9. Conclude meeting
Please change your name from 'anonymous' using the Settings button
anonymous morphed into Mary Ruddy
abbie: toll free 1 866 222 6652 for the bridge (US/Canada)
anonymous1 morphed into Peter Alterman
anonymous morphed into Mike Davis
Don Thibeau Open Identity Exchange : Abbie -- my understanding is that only TC members may join the F2F meeting.  Please confirm
abbie: yes
AnilSaldhana(RedHat): I joined late. sorry. :-)
anonymous1 morphed into Brendan Peter
David Brossard - Axiomatics: Starting on the 9th PM is fine by me... I have to leave by 5PM on the 10th
Dale Rickards: I will be there on the 9th
Brendan Peter: I'll be there on the 9th and am planning on the 10th in person
Ed Coyne: I will be at the meeting on Nov 9 and 10
Don Thibeau Open Identity Exchange : I will be unable to participate in the afternoon session on November 10
Massimiliano Masi (Tiani Spirit): I will not participate to the f2f
Mary Ruddy: I will be there on Nov 9-10
Cathy Tilton: I am just an observer, but am available after lunch on the 9th and on the 10th.  Would prefer F2F on 10th, but could do either.
Peter Alterman: I'll be at the OIX extravaganza on the 9th + the TC F2F on the 10th but it looks like I'm going to have to pick my spots as my wife still needs post-op support.
Mike Davis: Will there be a dial-in number for those that cannot travel?
Peter Alterman asked for a victim, I choose... Dale Rickards
Peter Alterman: sorry, slip of the mouse key
abbie: http://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php
Brendan Peter: I hope to submit a use case as well, but like Thomas, will likely have a hard time getting it prior to the F2F
Massimiliano Masi (Tiani Spirit): I also hope to have a use case ready soon, related to the experience gained in the authentication of patients and doctors for a pan-European network for sharing medical records
Dale Rickards: peter what are you asking me to provide?
Peter Alterman: nothing Dale.  My finger slipped on the mouse key.
 