~ October 2015 ~

Welcome from the Executive Director

It's been a busy start to the fall season. After many months of hard work, we've finally launched our new website - The new site offers the most up-to-date information on the organization, our work on the Identity Ecosystem Framework and opportunities for members and partners in an attractive, easy-to-navigate format. If you haven't done so already, visit our website to access and download the latest version of the Framework. In order to support our goal of spreading the message both far and wide, we've broken the site into discrete areas for specific parties - consumers, trust frameworks and relying parties. Additionally, we've created opportunities to recognize our trusted corporate partners and sponsors. I invite you, our members, to visit the site, explore and give us your feedback. We will use that feedback as we continue to innovate and build a virtual workspace for the identity community.

~ Marc-Anthony Signorino, IDESG Executive Director


Chairperson's Corner

By Kimberly Little Sutherland, Plenary Chair


This month we've delivered version 1 of the IDEF - a revolutionary document that sets forth the first rules of the road for ensuring online identity. The culmination of three years of work, the IDEF is a major step forward in privacy, security, interoperability and usability based on the work of IDESG's diverse and experienced membership. The documents that make up the IDEF, the Scoping Statement, Baseline Requirements and corresponding Supplemental Guidance and Best Practices, as well as the Functional Model, are now available on our website for your review.

I'm proud of what we've accomplished, and I'm proud of the leadership position IDESG has played in providing guidance to the identity community around how we can increase trust in identity processes. But our work is not done. We are working diligently to operationalize the framework through the Self-Assessment Listing Service (SALS) Registry. The SALS is a single web presence where online identity service providers and owners or operators applications that authenticate identity credentials can report their status through self-assessment with a set of common standards - the IDEF v.1 Baseline Requirements.

With the release of the IDEF, the identity revolution is well underway. Join us and declare an end to untrustworthy digital identities


From the FMO

  • Following the completion and approval of the IDEF v.1 Baseline Requirements on October 15, the Framework Management Office (FMO) has been working with the IDESG committees to refine their 2015-2016 project plans.
  • The FMO is continuing to assist the Trust Framework and Trust Mark (TFTM) Committee to complete development of documentation needed to initiate the service provider Self-Assessment Listing Service (SALS). The FMO also is providing input to the technical implementation of the SALS infrastructure.
  • The FMO is working with the IDESG Management Council to develop a formal Work Plan with detailed timelines for fulfilling IDEF goals.

From the NSTIC NPO

  • On 10/20, Mike Garcia, acting director of the NSTIC NPO, attended a GovLoop event called 'Evolving Tactics to Combat the Cyber Threat.' He gave a keynote speech that described how NIST is leading an interagency, shared services approach to identity and authentication and explained why a shared services approach is often more cost effective, simpler and generally more effective for agencies.
  • Paul Grassi, senior standards and technology advisor for the NSTIC NPO, participated in a videotaped panel on 10/20. He spoke at WTOP headquarters about identity management strategies in the federal government, and the Trezza Media Group panel will be aired later this month.

Upcoming Events

IDESG members will participate in a healthcare panel at the Gartner Identity & Access Management Summit, December 7-9, 2015. The panel will focus on how IDESG is helping healthcare organizations to deal not only with general privacy and security concerns around digital identity, but also with issues of patient privacy, patient matching and compliance with state and federal requirements - especially HIPAA. Participating members include:

  • Sal D'Agostino, President, IDESG, Moderator
  • Tom Sullivan, M.D., chief Strategy Officer,, Panelist
  • Matt Thompson, President, HealthIDx, Panelist!section_agenda

To share your speaking engagements or presentations with IDESG members, send a hyperlink or attachment to and a link will be included in the next newsletter.

In The Media

Kim Little Sutherland: Group issues rules for the road for identity ecosystem
Federal News Radio, October 29, 2015

At the Privacy & Security Forum: What I saw, October 28, 2015

NIST rides identity, privacy momentum with two new projects, October 23, 2015

Cyber notes: Progress on an ID ecosystem, Android trust and another email vulnerability, October 23, 2015

The Identity Ecosystem Framework and IOT: Where the convenience of big data and privacy intersect
StaySafeOnline Blog, October 23, 2015

New framework lays the foundation for 'identity ecosystem' to enhance privacy, security on the Internet, October 21, 2015

Q&A: A deep dive on the Identity Ecosystem Framework with IDESG's Kimberly Little Sutherland, October 21, 2015

IDESG reveals Identity Ecosystem Framework, October 21, 2015

Breaking news: the IDEF v1 is now available to the public!
IDESG Blog, October 20, 2015

New 'rules of the road' for ID management aim to get past password, October 20, 2015

Identity Ecosystem Framework released, creating unprecedented 'rules of the road' for online identity, October 20, 2015

Identity Ecosystem Framework released, creating unprecedented 'rules of the road' for online identity
Virtual-Strategy Magazine, October 20, 2015

This newsletter was prepared by the Identity Ecosystem Steering Group, Inc. using Federal funds under award 70NANB14H215 from the National Strategy for Trusted Identities in Cyberspace (NSTIC) National Institute of Standards and Technology (NIST), U.S. Department of Commerce. The statements, findings, conclusions, and recommendations are those of the author(s) and do not necessarily reflect the views of NIST, NSTIC, or the U.S. Department of Commerce.