NIST to Fund Online Credentials PilotsBeyond Passwords: Building Strong Foundation for ID Ecosystem
The National Institute of Standards and Technology proposes to award grants of up to $4 million to fund pilot projects to accelerate progress toward the creation of improved, interoperable systems for secure, privacy-enhancing trusted online credentials that go beyond simple user IDs and passwords.
"Our goal is to pilot solutions that can demonstrate material advances in identity and authentication and build a stronger foundation for the identity ecosystem," says Jeremy Grant, NIST's senior executive advisor for identity management [see Limited Government: Path to NSTIC]. "We will build on the momentum gained with the successful 2012 launch of our first five pilots and the establishment of the Identity Ecosystem Steering Group."
The pilot projects are part of National Strategy for Trusted Identities in Cyberspace [see Trusted Internet Initiative Advances], known as NSTIC (pronounced n-stick), a government initiative to work collaboratively with the private sector, advocacy groups, public-sector agencies and others to improve the privacy, security and convenience of online transactions.
NIST says it anticipates making multiple awards in the range of some $1.25 million to $2 million a year, per project, for up to two years, subject to the availability of funds. NIST says it will consider proposals with lower funding amounts. The deadline for submitting initial proposals is March 5.
The 2012 pilot projects have addressed known barriers to the development of an identity ecosystem, where individuals, businesses and other organizations can have greater trust and security as they conduct sensitive transactions online, according to NIST. The institute says the pilots are helping to spur development of a marketplace for trusted identity solutions online, and represent various industries, including financial and government services, healthcare and online learning.
NIST says the new pilots should support NSTIC guiding principles that identity solutions will be privacy-enhancing and voluntary, secure and resilient, interoperable, cost-effective and easy-to-use. They should demonstrate solutions, models and frameworks that are either new or not widely adopted in the marketplace today.