Skip main navigation

New offer! Get 30% off your first 2 months of Unlimited Monthly. Start your subscription for just £29.99 £19.99. New subscribers only. T&Cs apply

Find out more

Introduction to Guidance and Standards (Continued)

In this video, you will learn about other key standards used in the IdAM context.
In the United States in 2011, the United States government established the National Strategy for Trusted Identities in Cyberspace. This was an attempt to create trust and a standardized identity on the internet. It sought to ensure privacy of those identities, the security of transactions related to those identities, to make sure that they could be interoperable between different services, and therefore, ensuring a cost effective approach. So, these were the four founding principles of the initiative. It struggled with widespread adoption. Single credentials across government services in most countries are still not present. In one of our case studies, the second of our four case studies, we will look at Estonia, which actually is seen as a world leader in this area.
They have actually got that single ID across the public sector and the private sector. In 2007, the National Strategy for Trusted Identities in Cyberspace saw the launch of And so, this was an environment where individuals could access all government services through a single site. Again, there has been some concerns raised around privacy when using a single identity online. Could people use it for tracking? Some of the standards that we’ll reference as well, we have the NIST Cybersecurity Practise Guide 1800-2 on Identity and Access Management for Electric Utilities. Utilities have become increasingly newsworthy recently as security attacks have focused on them as part of a nation’s critical national infrastructure.
There is also research for the next generation of biometric measurements and standards, NGBMS for Identity Management. How can we use biometrics more effectively? And we’ve seen biometric-use spiral over the past 10 years. Ten years ago it was unusual to see a fingerprint reader. Now most smartphones have some form of biometric recognition, whether it’s face recognition, fingerprints. One final standard we should be aware of relates to the use of cryptography. And this is a collection of different standards, different countries have different approaches here. But typically, there are restrictions on the export of strong cryptography.
When we move to look at SSL in section 11, we will see why this becomes important, in part because technologies like SSL and TLS require as strong an encryption as possible. And where we see a requirement to drop that back to a lower strength cryptography, it can present a vulnerability. And we see this with some attacks on SSL and TLS especially.

In this video, you will learn about other key standards used in the IdAM context.

Key standards are:

  • National Strategy for Trusted Identities in Cyberspace
  • NIST Cybersecurity Practice Guide 1800-2
  • Research for Next Generation Biometric Measurements and Standards (NGBMS) for Identity Management
  • Export Cryptography

Reflect and share: Why do you think other countries have been slow to adopt single-credential government services? Share with your fellow learners.

This article is from the free online

Cyber Security Foundations: Reinforcing Identity and Access Management

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now