On June 25, the White House announced the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC, pronounced N-STICK), a blueprint for reducing cybersecurity vulnerabilities such as identity theft and fraud and improving online privacy protections through the use of trusted digital identities.
In a White House blog posting, Howard A. Schmidt, cybersecurity coordinator and special assistant to the president, explained that the NSTIC was developed in response to the president’s Cyberspace Policy Review and in collaboration with key government agencies, business leaders, and privacy advocates. The American National Standards Institute (ANSI) submitted comments on earlier drafts of the document, previously titled “National Strategy for Secure Online Transactions.”
The plan envisions the creation of an Identity Ecosystem where individuals will no longer have to remember usernames and passwords to access various online services. Rather, they will be able to voluntarily choose a secure, interoperable, privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc.) from a variety of service providers – both public and private – to authenticate themselves online for different types of transactions (online banking, accessing electronic health records, sending email, etc.). The Identity Ecosystem will be user-centric, meaning that individuals will have more control over the amount of personal information they use to authenticate themselves online.
The draft NSTIC is posted for comment through July 19 at www.nstic.ideascale.com. Members of the general public can submit their own suggestions as well as respond to and rank comments submitted by others. The Department of Homeland Security (DHS), a key partner in the development of the strategy, is collecting the comments. The White House has indicated that a detailed implementation plan to accompany the strategy will be circulated for comment later in July. The goal is to have the strategy completed and signed by the president in the September/October timeframe. ANSI encourages all interested members and stakeholders to review the document and submit comments to the DHS to have their viewpoints heard.