US government planning identity management system by 2016

KEYSTONE, COLORADO: The US government is planning to support a selection of identity management systems by 2016 to allow state and private business to get the full benefit from e-commerce.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) will see a variety of vendors offering accredited identity management services from 1 January 2016.

Jeremy Grant, senior executive advisor at the National Institute of Standards and Technology, told delegates at the Cloud Identity Summit 2011 that the initiative will hopefully start a lot sooner and that pilot programmes should begin next year.

"User names and passwords are fundamentally broken," he said. "Under this plan people can choose from multiple identity management solutions to get digital credentials anywhere at any time."

Grant cited recent data from the US Department of Defense, which has abandoned user names and passwords in favour of a hardware token to sign onto the network. Intrusions dropped 46 per cent within days, he said, proving the efficacy of the technology.

However, the government will not be specifying such systems, since the most likely result would be an outdated system built around old technology. Instead it will look to the private sector to come up with solutions in the US and abroad.

Such systems could bring enormous savings, according to Grant. Shifting healthcare records into an electronic format could save billions, but progress has been stalled because of the lack of proper identity management systems.

"The federal government is really getting behind identity," Roger Oberg, vice president of marketing at identity management firm Ping Identity, told V3.co.uk.

"The NSTIC project is a really interesting initiative coming out of the White House. It's part of the administration's efforts to drive standards and could see major results."