Description:
In working toward National Strategy for Trusted Identities in Cyberspace (NSTIC) aligned online transactions, the NSTIC National Program Office (NPO) has identified current inconveniences that arise when individuals request services and benefits from the government. In these transactions, government websites repeatedly ask individuals for the same personal information. In some cases, websites do not actually need specific values for attributes; they just need a claim (e.g., a claim that a user is in a certain age range, instead of using a birthdate). Users lack a convenient way to disclose requested information without repetitious form filling, transform verified attributes into claims, or track where information has been disclosed, leaving them susceptible to over-collection and over-sharing of personal information. Potentially old and incorrect data also reduces the quality of services, and can be costly for government agencies. Finally, agencies incur security costs and liabilities maintaining personal information in order to communicate with customers. This is not only an issue with government transactions – it’s also a part of our everyday interactions with private companies [1-2].
One solution is commonly known as a Personal Data Store (PDS). While commercial pilot programs have demonstrated its utility, it has yet to reach broad adoption in the government space. A PDS will provide users the ability to grant relying parties – sites that utilize identities or attributes provided by a third party service – secure, ongoing access to their personal information, attributes, and preferences. Hosted PDSs are segmented away from the rest of an information system, insulating private information and attribute details. Individuals will retain full control of their personal information; they’ll decide which attributes to release or permit access to and to whom.
The PDS should meet several critical requirements:
· Interoperate with a countless number of agencies or private companies engaging customers in online transactions by using open standards to transmit and store personal information and attributes;
· Revoke access to information provided to third or relying parties, and provide individuals with a clear and usable method for managing access to their stored data;
· Allow users to download their data in an open, portable format that can be migrated to other PDSs, maintaining the focus on user choice and convenience;
· Store, or link to, credential and attribute verifications from credential and attribute service providers, allowing individuals to share both self-asserted and signed or verified data about themselves;
· Provide the option for users to disclose verified attributes without revealing the user’s relationship with the relying party to the verifying credential or attribute service provider or revealing the user’s relationship with the verifying credential or attribute service provider to the relying party; and
· Transform verified attributes into provable claims.
Through the PDS, the user will manage their self-asserted data as well as provide access to any user-approved external authoritative sources. The PDS will be beneficial when citizens engage with government agencies online – especially through Connect.Gov. With Connect.Gov, individuals will be able to use their credentials from approved external websites to log in at federal websites. A personal data store would put citizens in control of their personal information in these transactions, cultivating trust in Connect.Gov. As the private sector becomes increasingly competitive regarding privacy, and more devices request information a part of the growing Internet of Things, tools like PDSs provide more privacy benefits by helping individuals manage their information disclosures, as well as increasing trust in online transactions across the Internet.
PDSs will enable trust, accuracy and convenience for individuals providing the same information to multiple agencies and companies without needing to fill out cumbersome, error-prone forms. Additionally, it will improve service delivery of the U.S. government by allowing its authoritative data to be made available, if an individual choses, through a PDS. This is a unique opportunity for a provably secure, technical solution to keep personal information under user control at a time when well-intentioned government actions toward data protection are so often met with suspicion. PDSs will provide a more explicit approach to consent, giving individuals greater control over what information is released, under what conditions, and to whom.
Phase I expected results:
Develop the architecture and a functioning prototype of the PDS, including user interfaces. These should be testable and deployable, as well as have integration abilities based on open standards.
Phase II expected results:
Develop an open-source PDS architecture based on open standards (where applicable). Demonstrate successful integration into the Connect.Gov architecture and successfully test and pilot this integration with at least two applications at different federal agencies.
NIST will provide consultation and input through regular discussions to solve problems as they occur. NIST will also work with General Services Administration (GSA) and other agencies to provide the test applications through Connect.Gov to which the integration will occur.
References:
[1] National Strategy for Trusted Identities in Cyberspace (http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf).
[2] Privacy Enhancing Technologies Workshop (http://www.nist.gov/itl/csd/ct/pec-workshop.cfm).
