Understanding the Barriers of Acquiring Relying Parties to NSTIC

Generic Clearance for the Collection of Qualitative Feedback on Agency Service Delivery

0690-0030-NSTIC-Instrument 5-1-15

Understanding the Barriers of Acquiring Relying Parties to NSTIC

OMB: 0690-0030

Document [docx]
Download: docx | pdf

Shape1 Shape2

Online Survey Software | Qualtrics Survey Solutions

Page 2 of 12









OMB Control No. 0690-0030

Expiration Date: 06/30/2017



Understanding the barriers of acquiring relying parties to NSTIC



BACKGROUND


The National Strategy for Trusted Identities in Cyberspace (NSTIC) is a White House initiative signed by President Obama in 2011. The NSTIC envisions an Identity Ecosystem, where individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity credentials to access online services in a manner that promotes confidence, privacy, choice, and innovation. The Identity Ecosystem Steering Group (IDESG) is a private-sector led organization, funded by the NSTIC, that’s facilitating the development of the Identity Ecosystem.



PURPOSE OF THIS SURVEY


The Identity Ecosystem will be most successful if it has an abundance of Relying Parties (RPs) – organizations accepting 3rd party federated credentials from Service Providers for access to their services. Unfortunately, there is currently a dearth of organizations willing to act as RPs; this survey delves into this issue, seeking to further understand the barriers that prevent organizations from transitioning to this role.



WHY WE VALUE YOUR RESPONSE


As an existing or potential RP, your input is critical in helping the NSTIC National Program Office (NPO) identify and mitigate the barriers that currently prevent many organizations from accepting 3rd party credentials. The results of this survey will inform the work of the NPO in implementing the NSTIC, and will be particularly useful for the IDESG in establishing an Identity Ecosystem.



CONFIDENTIALITY STATEMENT


All responses - including any personal information - will be kept strictly confidential. No identifying information will be saved with survey data. All survey participant information - including contact persons and organization names - will be kept anonymous and will not





be shared with NPO or any external party.

If you have any additional questions, please contact us. Purdue Student Consulting


purduestudentconsulting@gmail.com





Shape5 National Strategy for Trusted Identities in Cyberspace (NSTIC) Video:









NSTIC and the Identity Ecosystem:











Shape6 Low awareness of 3rd party federated credentials among

prevents 3rd party federated credentials from being adopted by my organization.








My organization


The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape7 Lack of understanding of 3rd party federated credentials among

prevents 3rd party federated credentials from being adopted by my organization.











My organization


The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape10 Low awareness of the Identity Ecosystem among prevents 3rd

party federated credentials from being adopted by my organization.









My organization


The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape11 Lack of understanding of the Identity Ecosystem among

prevents 3rd party federated credentials from being adopted by my organization.









My organization


The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape12 I think is sufficiently aware of the security risks of passwords.









My organization




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know











The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape13 I think is/are more comfortable using passwords for authentication

than biometrics, PINs, other methods.









My organization


My customers




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape14 I think is/are more comfortable using my proprietary credentialing

services rather than 3rd party federated credentials.









My organization


My customers




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape15 I think that overall my industry's existing protection measures against

security breaches are sufficient.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree





I don't know


Not applicable





Shape16 I think 3rd party federated credentials will make online transactions

between my organization and customers more secure.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape17 I think my customers would prefer to use 3rd party federated credentials which

enhance privacy, if given the opportunity and educational information.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape18 I think my customers would prefer to use 3rd party federated credentials which can be used conveniently in multiple places, if given the opportunity and

educational information.



Strongly Disagree





Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape19 Less control over collecting consumer data resulting from using 3rd party credential providers prevents my organization from adopting 3rd party

federated credentials.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape20 Less control over user experience resulting from using 3rd party credential providers prevents my organization from adopting 3rd party federated

credentials.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree I don't know Not applicable









Shape21 Current security authentication standards (username / password) are perceived sufficient enough by that it questions the necessity of

3rd party federated credentials.









My organization


My customers




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree



I don't know




Not applicable





Shape22 Concerns over loss of customers due to requiring 3rd party federated credentials prevents my organization from adopting 3rd party federated

credentials.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape23 Concerns over increased ease for customers to move to competitors

prevents my organization from adopting 3rd party federated credentials.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree





Strongly Agree


I don't know


Not applicable





Shape24 It is important to that the rules and policies of the Identity

Ecosystem are being developed by the private sector.









My organization


The public




Strongly

Disagree Disagree

Neither Agree nor

Disagree Agree




Strongly

Agree




I don't know





Shape25 Lack of clear financial benefits prevents my organization from adopting 3rd

party federated credentials.



Strongly Disagree


Disagree


Neither Agree nor Disagree


Agree


Strongly Agree


I don't know


Not applicable





Shape26 My organization has over unclear liabilities in the case of

security breaches if adopting 3rd party federated credentials.



No concerns Minor concerns Strong concerns





Very strong concerns

"I don't know" "Not applicable"





Shape27 My organization has that 3rd party federated credentials may not

support compliance to regulations applicable to my industry.



No concerns Minor concerns Strong concerns

Very strong concerns

"I don't know" "Not applicable"





Shape28 My organization has that 3rd party federated credentials would

require more compliance reviews.



No concerns Minor concerns Strong concerns

Very strong concerns

"I don't know" "Not applicable"





Shape29 My organization has that acceptance of 3rd party federated

credentials will erode my organization's brand image.



No concerns Minor concerns Strong concerns






Very strong concerns

"I don't know" "Not applicable"





Shape32 Are you a current member of the IDESG?



Yes


No





Shape33 What is the activity / sector of your organization? (Multiple entries possible)



Financial

Services

Textile Environment Tourism/Travel


Transportation Health High-tech Insurance


Biotechnology Consulting Construction Internet


Shape34 Shape35 Manufacturing Electronics Government Other, please describe







Shape36 Please list any other barriers which prevent your organization from adopting

Shape37 Shape38 3rd party federated credentials and explain their significance in your opinion.
















Shape39 Please let us know of any questions or comments you might have.



















Shape40 Shape41 Shape42 Shape43 You have reached the end of the survey. Thank you for your participation!







NOTWITHSTANDING STATEMENT


This collection of information contains Paperwork Reduction Act (PRA) requirements approved by the Office of Management and Budget (OMB). Notwithstanding any other provision of the law, no person is required to respond to, nor shall any person be subject to a penalty for failure to comply with, a collection of information subject to the requirements of the PRA unless that collection of information displays a currently valid OMB control number. Public reporting burden for this collection is estimated to be 30 minutes per response, including the time for reviewing instructions, searching existing

data sources, gathering and maintaining the data needed and completing and reviewing


the collection of information.









>>







Powered by Qualtrics

Shape3 Shape4

https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&BrandI...

4/8/2015


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
File Modified0000-00-00
File Created0000-00-00

© 2024 OMB.report | Privacy Policy