Identity Ecosystem

The Identity Ecosystem is an online environment where individuals, organizations, services, and devices can trust each other because authoritative sources establish and authenticate their digital identities. The Identity Ecosystem enables:

technology that is easy to operate with minimal training; the Internet for various types of online transactions; who are routinely informed about those who are collecting their data and the purposes for which it is being used; interoperable platforms; and online, particularly those services that are inherently higher in risk;
 * Security, by making it more difficult for adversaries to compromise online transactions;
 * Efficiency based on convenience for individuals who may choose to manage fewer passwords or accounts than they do today, and for the private sector, which stands to benefit from a reduction in paper-based and account management processes;
 * Ease-of-use by automating identity solutions whenever possible and basing them on
 * Confidence that digital identities are adequately protected, thereby increasing the use of
 * Increased privacy for individuals, who rely on their data being handled responsibly and
 * Greater choice, as identity credentials and devices are offered by providers using
 * Opportunities for innovation, as service providers develop or expand the services offered

Privacy protection and voluntary participation are pillars of the Identity Ecosystem. The Identity Ecosystem protects anonymous parties by keeping their identity a secret and sharing only the information necessary to complete the transaction. For example, the Identity Ecosystem allows an individual to provide age without releasing birth date, name, address, or other identifying data. At the other end of the spectrum, the Identity Ecosystem supports transactions that require high assurance of a participant’s identity. The Identity Ecosystem reduces the risk of exploitation of information by unauthorized access through more robust access control techniques. Finally, participation in the Identity Ecosystem is voluntary for both organizations and individuals.

Another pillar of the Identity Ecosystem is interoperability. The Identity Ecosystem leverages strong and interoperable technologies and processes to enable the appropriate level of trust across participants. Interoperability supports identity portability and enables service providers within the Identity Ecosystem to accept a variety of credential and identification media types. The Identity Ecosystem does not rely on the government to be the sole identity provider. Instead, interoperability enables a variety of public and private sector identity providers to participate in the Identity Ecosystem.

Interoperability and privacy protection combine to create a user-centric Identity Ecosystem. User-centricity will allow individuals to select the interoperable credential appropriate for the transaction. Through the creation and adoption of privacy-enhancing policies and standards, individuals will have the ability to transmit no more than the amount of information necessary for the transaction, unless they choose otherwise. In addition, such standards will inhibit the linking of an individual’s transactions and credential use by service providers. Individuals will have more confidence that they exchange information with the appropriate parties, securely transmit that information, and have the information protected in accordance with privacy best practices.

Source
(DRAFT) National Strategy for Trusted Identities in Cyberspace 1-2 (June 25, 2010).