Speaker
Summary
The large transnational e-Infrastructures world-wide have converged to what is effectively a single standard for identifying their participants. This single 'level of assurance' (LoA) is naturally defined by the resource owners and relying parties in the infrastructure, inspired by the threat level to which their resources are exposed, the need for tracability and incident response, and for ensuring regulatory compliance.
With more diverse resources entering the infrastructure, a need emerges for both more stringent and more lenient identity vetting controls. And new communities emerge where the binding between users and resource owners is inherently stronger, and where the 'burden' of assuring identity can be distributed differently, with the resource providers holding more responsibility. In this presentation we will explore the coming diversification of assurance levels, and how the IGTF authentication profiles can provide differentiated LoA.