RETIRED DRAFT July 5, 2016 The attached DRAFT document (provided here for historical purposes): Draft NIST Special Publication (SP) 800-103, An Ontology of Identity Credentials, Part 1: Background and Formulation (posted for public comment on October 6, 2006) has been RETIRED. Information on other NIST cybersecurity publications and programs can be found at: http://csrc.nist.gov/. The following information was originally posted with the attached DRAFT document: October 6, 2006 NIST is pleased to announce the release of Draft of the Special Publication 800-103 (SP 800- 103), An Ontology of Identity Credentials, Part 1: Background and Formulation. The SP 800-103 is available for a six week public comment period. This document provides the broadest possible range of identity credentials and supporting documents insofar as they pertain to identity credential issuance. Priority is given to examples of primary and secondary identity credentials issued within the United States. Part 2 of this document will provide an Extensible Markup Language (XML) schemas, as a framework for retention and exchange of identity credential information. Please send your comments to [email protected] with "Comments on SP800- 103" in the subject line. The comment period closes at 5:00 EST on Wednesday, November 15th, 2006. NIST Special Publication 800-103 An Ontology of Identity Credentials Draft Part 1: Background and Formulation William MacGregor William Dutcher Jamil Khan I N F O R M A T I O N S E C U R I T Y Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD, 20899-8930 October 2006 U.S. Department of Commerce Carlos M. Gutierrez, Secretary Technology Administration Robert C. Cresanti, Under Secretary of Commerce for Technology National Institute of Standards and Technology William. Jeffrey, Director Draft Special Publication 800-103 An Ontology of Identity Credentials Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of non-national security-related information in Federal information systems. This special publication 800-series reports on ITL’s research, guidelines, and outreach efforts in information system security, and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-103, 70 pages (October 2006) Draft 2 Draft Special Publication 800-103 An Ontology of Identity Credentials Acknowledgements The authors, William MacGregor of the National Institute of Standards and Technology (NIST) and William Dutcher and Jamil Khan of Booz Allen Hamilton, wish to thank their colleagues who reviewed drafts of this document and contributed to its development. Draft 3 Draft Special Publication 800-103 An Ontology of Identity Credentials Table of Contents 1. INTRODUCTION..............................................................................................................................................7 1.1 AUTHORITY.................................................................................................................................................7 1.2 ONTOLOGY OF IDENTITY DEFINED ..............................................................................................................7 1.3 PURPOSE......................................................................................................................................................8 1.4 SCOPE..........................................................................................................................................................8 1.5 AUDIENCE AND ASSUMPTIONS ....................................................................................................................9 1.6 DOCUMENT OVERVIEW ...............................................................................................................................9 2. OVERVIEW OF IDENTITY CONCEPTS ...................................................................................................10 2.1 IDENTITY STAKEHOLDER VIEWPOINTS......................................................................................................11 2.2 IDENTITY CREDENTIALS............................................................................................................................12 2.3 QUALITIES OF IDENTITY CREDENTIALS .....................................................................................................12 2.4 PRIMARY, SECONDARY AND TERTIARY IDENTITY CREDENTIALS..............................................................14 2.5 OWNERS OF IDENTITY CREDENTIALS ........................................................................................................15 2.6 TYPES OF IDENTITY CREDENTIALS ............................................................................................................15 3. THE STRUCTURE OF CREDENTIALS .....................................................................................................16 3.1 LOGICAL AND PHYSICAL STRUCTURES OF AN IDENTITY CREDENTIAL ......................................................16 3.2 REQUIREMENTS FOR LOGICAL STRUCTURE...............................................................................................17 3.3 REQUIREMENTS FOR PHYSICAL STRUCTURE .............................................................................................22 3.4 INCONSISTENCY OF INFORMATION ............................................................................................................23 4. SURVEY OF IDENTITY CREDENTIALS ..................................................................................................24 4.1 I-9 DOCUMENTS ........................................................................................................................................26 5. IDENTITY CREDENTIAL STANDARDS AND ORGANIZATIONS ......................................................28 5.1 NATIONAL CENTER FOR HEALTH STATISTICS – VITAL STATISTICS STANDARDS ......................................28 5.2 INTERNATIONAL CIVIL AVIATION ORGANIZATION....................................................................................28 5.2.1 Machine Readable Travel Documents .................................................................................................28 5.2.2 The New Technologies Working Group...............................................................................................29 5.3 THE INITIATIVE FOR OPEN AUTHENTICATION ...........................................................................................29 5.3.1 Personal Strong Authentication...........................................................................................................29 5.4 THE INTERNET ENGINEERING TASK FORCE...............................................................................................29 5.4.1 vCard ...................................................................................................................................................30 5.5 THE AMERICAN ASSOCIATION OF MOTOR VEHICLE ADMINISTRATORS ....................................................31 5.5.1 DL/ID Security Framework .................................................................................................................31 5.6 ORGANIZATION FOR THE ADVANCEMENT OF STRUCTURED INFORMATION STANDARDS...........................31 5.6.1 Standard Generalized Markup Language Open ..................................................................................31 5.7 LIBERTY ALLIANCE, OASIS − FEDERATED ID ........................................................................................32 5.8 LEGISLATIVE BEARINGS ON IDENTITY STANDARDS ..................................................................................32 5.8.1 Real ID Act ..........................................................................................................................................32 6. IDENTITY CREDENTIAL SYSTEM MODELS.........................................................................................34 6.1 THE ACTOR PLANE....................................................................................................................................34 6.2 THE ISSUANCE PLANE ...............................................................................................................................34 6.3 THE MAINTENANCE PLANE .......................................................................................................................35 6.4 THE TRANSACTION PLANE ........................................................................................................................36 6.5 LIFE EVENTS PLANE..................................................................................................................................37 7. TRUST AND SECURITY ...............................................................................................................................38