ISO JTC1 SC27 WG5: new set of standards including Biometrics,
Privacy, and an Identity Management Framework. Ian presented a summary
report on the discussion from our previous meeting in Paris (April
2007) on these ISO draft documents. He explained that we have ISO
Category C Liaison status with ISO SC27 which allows us a formal channel
to submit comments but we do not have voting rights in ISO. He also
explained that our submission of the Paris comments had been too late
for inclusion in their scheduled June 2007 drafts. Accordingly he will
update these comments to match a review of the new June 2007 ISO draft
documents. Ian will make the three new ISO June 2007 drafts available to
Identity Management Forum and Security Forum members, for their further
review. The closing date for submission of our comments to ISO
SC27 is September 1 2007, so he will need to receive members' comments
by August 27 if they are to be sure of inclusion in our formal
submission to ISO SC27. ITU-T SG17 Project on
interoperability/interworking, common data models, discovery, privacy, and governance.
We have no update on the progress in this project. Ian will follow up
with his Nortel contacts who were leading this activity, to explore how
we may contribute and leverage their work.
Common Core Identifiers submission to ISO standards work on
identifiers. The CCI deliverables were published by The Open Group
shortly after the April 2007 conference. Ian is engaged in offering this
work as a highly relevant submission into the ISO JTC1 SC27
working group which is developing a Standard for Identifiers. He had no
progress to report in the Austin meeting, and will follow up and report
back.
Presentation on Identity/Authentication Repository: Vikram
Dhawan (Lexis Nexis). Lexis Nexis is a leading
provider of information and services solutions, including its flagship
web-based research services, to a wide range of professionals in the
legal, risk management, corporate, government, law enforcement,
accounting, and academic markets. Its core business is human identities
and providing services which authenticate those identities, so
unsurprisingly their main customers are financial institutions, the
legal profession, and governments who are increasingly moving towards
e-Government and the e-Citizen. Vik gave a fascinating impromptu
presentation on Lexis Nexis (LEgal NEwspapers) - how their data
collectors gather identity information from available public records –
phone directories, birth records, credit bureaux, driver license
records, newspapers, court records property registers, etc. – then run
this information through their highly developed fabrication system which
reconciles all the input records and links all the scattered pieces of
information on one person into one coherent identity information file.
Identity documents from Lexis Nexis are accepted as authoritative. They
share the US market and some global markets with competitors like
Westlaw, eFunds, and ChoicePoint. The FCRA (Fair Credit Reporting Act)
in the US provides a regulatory check which allows individuals with a
direct interest in checking their files to verify that the information
held on them in these repositories is correct and to demand correction
where proven error exists.
Clearly the authenticated digitally stored
identity information in repositories held by companies like Lexis Nexis
are a significant resource to businesses which need high-strength
authentication.
