Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee
July 11, 2013.
1. Call to Order and Welcome.
2. Roll Call
Attending (please notify me if you attended the meeting but are not on the list below)
Abbie Barbir, Bank of America
Anil Saldhana, Red Hat
Brendan Peter, CA
Carl Mattocks, Bank of America
Cathy Tilton, Daon
Charline Duccans, DHS
Colin Wallis, New Zealand Government - y
Dale Rickards, Verizon Business
David Brossard, Axiomatics
Debbie Bucci, NIH
Deborah Steckroth, RouteOne LLC
Detlef Huehnlein, Federal Office for Information
Diego Matute, Centrify - y
Don Thibeau, Open Identity Exchange
Doron Cohen, SafeNet
Doron Grinstein, BiTKOO
Gershon Janssen - y
Ivonne Thomas, Hasso Plattner Institute
Jaap Kuipers, Amsterdam
James Clark – Oasis
Jeff Broburg, CA
John "Mike" Davis, Veterans Affairs
John Walsh, Sypris Electronics
Julian Hamersley, Adv Micro Devices
Kevin Mangold, NIST
Lucy Lynch, ISOC
Marcus Streets, Thales e-Security
Marty Schleiff, The Boeing Company
Mary Ruddy, Identity Commons - y
Massimiliano Masi, Tiani "Spirit" GmbH
Mohammad Jafari, ESC
Peter Alterman, SAFE-BioPharma
Rainer Hoerbe -
Rebecca Nielsen, Booz Allen Hamilton - y
Ronald Perez, Advanced Micro Devices
Scott Fitch, Lockheed Martin
Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A. - y
Shahrokh Shahidzadeh, Intel Corp.
Suzanne Gonzales-Webb, VA - y
Thomas Hardjono, M.I.T.
William Barnhill, Booz Allen Hamilton
Adrianne James, VA - y
Steve Olshansky - y
54 percent of the voting members were present at the meeting. We did have quorum.
2. Agenda review and approval
We used the following chat room for the call:
http://webconf.soaphub.org/conf/room/trust-el. The chat room text is included at the end of the minutes.
The agenda was approved.
3. Approval of the Minutes
Mary asked if there were any objections to approving the minutes from the last meeting on June 27, 2013.
Mary asked for a motion.
Gershon made a motion to approve the June 27 minutes.
Colin seconded the motion.
There were no objections.
The minutes were approved.
4. Editors Update.
Shaheen walked us through the use case document. It is posted to the site. He took a stab at the matrix Peter prepared and used a real use case. We decided on using an online bank example. He provided a disclaimer: this has nothing to
do with the bank at which he works. He picked up this use case from a blog. It is an online banking use case where the user requests to open an account, close an account, etc., all the standard functions that a user would do. There is also an administrator
that would log in and perform certain functions.
Shaheen continued, the red line between the login and the other functions is the transaction trust-el. He prepared a logical sequence: the user requests a secure webpage; determine if trust-el is required; tag the context of the user
(public internet, device, etc.); an LOA determiner identifies the needed assurance; based on that, the authentication engine asks the user to authenticate, and the user submits credentials to elevate trust.
Next slide: the login is LOA-1; all other transactions require some trust-el, depending on context and what LOA the bank engine requires. Banks can vary their requirements. Then it determines the trust-el method to elevate the trust.
The next slide picks up the thread: this is the current LOA and this is the required LOA, and then we identify what trust-el is required. The threads are pretty much the same as Peter had in the matrix. When he prepared this, he thought
this would help someone use the matrix and prepare the trust-el methods required for a particular system. This is not a real use case. It is based on an article. If we had a real use case, we could use the same format. We would ask the TC if we have
a real use case we can apply the format to and see if it works.
Colin was wondering if we could go back to one of the original TC use cases.
Shaheen said most of the use cases are very high level. What is missing in there is that if you are a bank and apply these, what is your LOA? What methods does a vendor employ for these cases, and what LOAs do we see in the market?
Steve thanked Shaheen. He finds it a useful way to approach the task. He appreciates that banks don’t want to share their internal proprietary approaches. That leaves us with a quandary. If we can complete this table for one use case to
provide the reader with a way to approach this table, it would be very useful.
Steve had one question about slide 4: under each sub-use case, for required LOA, we do want to create something that banks [our target audience] would want to read. We could make some assumptions. Or maybe there are other use cases
that would be better than banking. Banking is a good one, as everyone banks, so they can relate to it.
Shaheen said maybe we can approach it from a user's point of view and come up with some trust-el we see in the market. Otherwise we need to base assumptions on experience.
Colin suggested that maybe we could get some notes for a government context.
Steve said it is at least a hypothetical, reasonable use case. We have two weeks before the next call. A note out to the list soliciting input would be worthwhile.
Steve said even if we use a hypothetical bank with lots of disclaimers, he still agrees, it may be easier for non-bankers to come at this from outside.
Steve said this is helpful.
Mary said we should start the item and maybe a non-banker can help.
Steve said we could make assumptions on slide 4 in the 4th column on trust-el. He is not sure how to do that as there are variables not accounted for: LOA.
Shaheen said the context is not just LOA, but device and where the user is coming from. These would imply certain trust-el methods and not others.
Steve said maybe we need a 5th column for context.
Shaheen said this context column could be a place to put all these variables. If the user is at a public library, on a shared machine, you can put that in there as part of the context.
Steve said we could add rows, rather than columns, and not try to hit every possible thing.
Shaheen has specific examples, a user banking from home, a user banking from a library, we could have multiple use cases, and use the same template.
Steve said that makes a lot of sense.
Shaheen said if you want to come up with a couple of use cases and work on that template to put some meat into it, then we can go through it together the same way we went through the matrix Peter prepared.
Steve said he was happy to take a stab at it.
Colin will also try.
Steve was not sure how best to share the document. Should he post or email it?
Colin commented that if posted, everyone has a chance to look.
Steve asked if it would make sense to put out a call to the mailing list, soliciting others to do this, and maybe on the next call we can walk through them.
Shaheen said yes, that is a good idea.
Colin asked to look at the other doc.
Steve said the changes from last time were relatively minor. He deleted all the "not applicable"s and added a legend at the top. He added a placeholder for a glossary and appendix D. He doesn't want to duplicate effort, but a glossary
might be more convenient. We can take the obviously used terms.
Colin said he thinks it would be easier if they were together.
Mary commented that the survey document had a glossary, so yes, it would make sense for this document to have a glossary.
Steve replied it is useful. He doesn’t know that there are any issues with citing 800-63. The other thing he would do is explain acronyms on first use.
Colin commented, yes.
Steve continued. Barring objections (none heard), he would go ahead and put in a glossary. Based on earlier discussion, we thought about adding an appendix for references. He does think it would be useful to solicit input from the TC.
Steve continued, in line with discussion, in the 3rd column of the table, he added definitions. The only other question he had was just above the table he has a note asking where should “Instead of LOA-4, mitigation of high risk” be in
the document. Maybe it should go before the table.
Colin agreed, it offers a good segue.
Steve said there was a note, should we move the table to an appendix?
Colin commented that after you clean it up more, it will look less challenging.
Steve suggested maybe we should leave it as is, until we get more suggestions for simplifying it.
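The logical sequence Shaheen walked through (tag the context, determine the required LOA, compare it with the current LOA, then pick a trust-el method) can be written down as a small decision routine. The following is an added example in Python; it is not code from the TC, from the use case document, or from any bank. The transactions, the LOA numbers assigned to them, the methods, the LOA each method is assumed to reach, and the context rules are all illustrative assumptions filled in for the template, not values the TC agreed on.

```python
"""Trust-elevation decision sketch for the online banking template (added example).

All tables and rules below are assumptions made for illustration only.
"""
from dataclasses import dataclass

LOGIN_LOA = 1  # as in the walkthrough: the login itself is LOA-1

# "Required LOA" column of the template, per sub-use case. Assumed values.
REQUIRED_LOA = {
    "login": 1,
    "view_balance": 1,
    "open_account": 2,
    "transfer_funds": 3,
    "close_account": 3,
    "admin_change_limits": 4,
}


@dataclass(frozen=True)
class Context:
    """The proposed context column: where the user is coming from and on what."""
    device_registered: bool   # device previously enrolled with the bank
    location: str             # e.g. "home", "library"
    network: str              # "private" or "public"


@dataclass(frozen=True)
class Method:
    """A trust-el method and the LOA it is assumed to reach (assumed values)."""
    name: str
    reaches_loa: int
    needs_registered_device: bool = False


# Assumed market methods; the LOA mapping is illustrative, not a claim about 800-63.
METHODS = [
    Method("remembered-device cookie", 2, needs_registered_device=True),
    Method("one-time code by SMS", 2),
    Method("OTP from authenticator app", 3),
    Method("hardware OTP token", 3),
    Method("PKI smart card with PIN", 4),
]


def required_loa(transaction: str, ctx: Context) -> int:
    """LOA determiner: base requirement for the transaction, raised by context.

    Assumed rule: a shared or public setting demands one level more, capped at 4.
    """
    need = REQUIRED_LOA[transaction]
    if ctx.location == "library" or ctx.network == "public":
        need = min(need + 1, 4)
    return need


def candidate_methods(need: int, ctx: Context) -> list:
    """Methods that reach the required LOA and are usable in this context.

    Context excludes some methods (e.g. a remembered-device cookie cannot be used
    from an unregistered machine), which is the point Shaheen made about context.
    """
    return [
        m.name for m in METHODS
        if m.reaches_loa >= need
        and (ctx.device_registered or not m.needs_registered_device)
    ]


def decide(transaction: str, current_loa: int, ctx: Context) -> dict:
    """One row of the template: current LOA, required LOA, and trust-el if needed."""
    need = required_loa(transaction, ctx)
    elevate = current_loa < need
    return {
        "transaction": transaction,
        "current_loa": current_loa,
        "required_loa": need,
        "elevate": elevate,
        "methods": candidate_methods(need, ctx) if elevate else [],
    }


def walk_through(transactions: list, ctx: Context) -> list:
    """Run a session starting at login LOA. Assumption: a successful elevation
    raises the session's LOA to the required level for later transactions."""
    rows, loa = [], LOGIN_LOA
    for t in transactions:
        row = decide(t, loa, ctx)
        rows.append(row)
        if row["elevate"]:
            loa = row["required_loa"]
    return rows


if __name__ == "__main__":
    home = Context(device_registered=True, location="home", network="private")
    library = Context(device_registered=False, location="library", network="public")
    for ctx in (home, library):
        print(ctx)
        for row in walk_through(["login", "view_balance", "transfer_funds", "close_account"], ctx):
            print("  ", row)
```

Two rows of the template fall out directly: a funds transfer from a registered home machine needs LOA-3 and can be elevated with an authenticator or hardware OTP, while the same transfer from a library PC on a public network needs LOA-4 and leaves only the PKI credential.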
5. Attendance Update
We achieved quorum.
Mary asked for a motion to adjourn.
Colin made a motion to adjourn.
Shaheen seconded it.
Mary thanked Shaheen for his contribution.
The meeting was adjourned.
anonymous morphed into Diego Matute
Gershon Janssen: I'm muted as I'm in a bit of a noisy office...
anonymous morphed into Suzanne Gonzales-Web