NSTIC: National Strategy for Trusted Identities in Cyberspace
NSTIC Background
Historically, one of the primary security mechanisms has been the username/password combination. NSTIC recognizes the limitations of passwords both with respect to security and usability. NSTIC addresses real world problems. In 2010 for example, 8.1 million U.S. adults were the victims of identity theft or fraud, with total costs of $37 billion.
Current password based schemes leave a user with a cumbersome password system that offers very little security. NSTIC is focused on formalizing solutions that offer real world improvements. The Department of Defense found that strong access credentials resulted in a 46% reduction in intrusions.
- Passwords are inconvenient, insecure, and there are too many of them
- Individuals are unable to prove their true identity online for significant transactions
What is is NSTIC for?
- Provides a validation scheme for exchanging Trust Framework data
- Identity Ecosystem Framework-multiple ID providers, private and public
- Levels of risk associated with transaction types
Intel Solution
Intel® Expressway Cloud Access 360 / McAfee® Cloud Identity Manager enables federated access, Cloud SSO (SAML, OAuth, Open ID), Account Provisioning with Strong Auth and One Time Passwords.
- Strong Auth Access
- Supports log-in using private sector identity credentials such as Open Id, Pay Pal, OAuth
- Supports Trust Framework LOA level of access level 3 with SAML ID support
- GSA listed
Webinar: Federal Cloud Security Initiatives: The Right Standards and Technologies
Additional Information
White Paper: Federal Cloud Security Challenges and Solutions
For more complete information about compiler optimizations, see our Optimization Notice.