Download:
pdf |
pdfOnline Survey Software | Qualtrics Survey Solutions
Page 1 of 14
OMB Control #0690-0030
Expiration Date 06/30/2017
Understanding the barriers of acquiring
relying parties to NSTIC
BACKGROUND
The National Strategy for Trusted Identities (NSTIC) is a White House initiative signed
by President Obama in 2011. The NSTIC envisions an Identity Ecosystem, where
individuals and organizations utilize secure, efficient, easy-to-use, and interoperable
identity credentials to access online services in a manner that promotes confidence,
privacy, choice, and innovation. The Identity Ecosystem Steering Group (IDESG) is a
private-sector led organization, funded by the NSTIC, that’s facilitating the development
of the Identity Ecosystem.
PURPOSE OF THIS SURVEY
The Identity Ecosystem will be most successful if it has an abundance of Relying
Parties (RPs) – organizations accepting 3rd party federated credentials from Service
Providers for access to their services. Unfortunately, there is currently a dearth of
organizations willing to act as RPs; this survey delves into this issue, seeking to further
understand the barriers that prevent organizations from transitioning to this role.
WHY WE VALUE YOUR RESPONSE
As an existing or potential RP, your input is critical in helping the NSTIC National
Program Office (NPO) identify and mitigate the barriers that currently prevent many
organizations from accepting 3rd party credentials. The results of this survey will inform
the work of the NPO in implementing the NSTIC, and will be particularly useful for the
IDESG in establishing an Identity Ecosystem.
CONFIDENTIALITY STATEMENT
All responses - including any personal information - will be kept strictly confidential. No
identifying information will be saved with survey data. All survey participant information including contact persons and organization names - will be kept anonymous and will not
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 2 of 14
be shared with NPO or any external party.
If you have any additional questions, please contact us.
Purdue Student Consulting
purduestudentconsulting@gmail.com
Please indicate your level of seniority in your organization?
Top level management (C-level, VP, board of directors,...)
Midddle level management (General manager, branch/plant manager,...)
First level management (Supervisor, assistant manager, team leader,...)
No management function
Are you responsible / have authority over at least part of your organization's
web presence / website?
Yes
No
Is your organization consumer oriented?
Yes
No
Does your organization have more than 300 employees?
Yes
No
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 3 of 14
Is your organization based in the U.S.?
Yes
No
National Strategy for Trusted Identities in Cyberspace (NSTIC) Video:
NSTIC and the Identity Ecosystem:
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 4 of 14
Low awareness of 3rd party federated credentials among _________
prevents 3rd party federated credentials from being adopted by my
organization.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
The public
Lack of understanding of 3rd party federated credentials among
_________ prevents 3rd party federated credentials from being adopted by
my organization.
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Page 5 of 14
Agree
Strongly
Agree
I don't
know
My organization
The public
Low awareness of the Identity Ecosystem among _________ prevents 3rd
party federated credentials from being adopted by my organization.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
The public
Lack of understanding of the Identity Ecosystem among
_________ prevents 3rd party federated credentials from being adopted by
my organization.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
The public
I think _________ is sufficiently aware of the security risks of passwords.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Page 6 of 14
Agree
Strongly
Agree
I don't
know
The public
I think _________ is/are more comfortable using passwords for authentication
than biometrics, PINs, other methods.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
My customers
I think _________ is/are more comfortable using my proprietary credentialing
services rather than 3rd party federated credentials.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
My customers
I think that overall my industry's existing protection measures against
security breaches are sufficient.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 7 of 14
I don't know
Not applicable
I think 3rd party federated credentials will make online transactions
between my organization and customers more secure.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
I think my customers would prefer to use 3rd party federated credentials which
enhance privacy, if given the opportunity and educational information.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
I think my customers would prefer to use 3rd party federated credentials which
can be used conveniently in multiple places, if given the opportunity and
educational information.
Strongly Disagree
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 8 of 14
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
Less control over collecting consumer data resulting from using 3rd party
credential providers prevents my organization from adopting 3rd party
federated credentials.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
Less control over user experience resulting from using 3rd party credential
providers prevents my organization from adopting 3rd party federated
credentials.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 9 of 14
Current security authentication standards (username / password) are
perceived sufficient enough by _________ that it questions the necessity of
3rd party federated credentials.
Neither
Agree
I
Strongly
nor
Strongly don't
Not
Disagree Disagree Disagree Agree Agree know applicable
My organization
My customers
Concerns over loss of customers due to requiring 3rd party federated
credentials prevents my organization from adopting 3rd party federated
credentials.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
Concerns over increased ease for customers to move to competitors
prevents my organization from adopting 3rd party federated credentials.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 10 of 14
Strongly Agree
I don't know
Not applicable
It is important to ____________ that the rules and policies of the Identity
Ecosystem are being developed by the private sector.
Neither
Agree
Strongly
nor
Disagree Disagree Disagree
Agree
Strongly
Agree
I don't
know
My organization
The public
Lack of clear financial benefits prevents my organization from adopting 3rd
party federated credentials.
Strongly Disagree
Disagree
Neither Agree nor Disagree
Agree
Strongly Agree
I don't know
Not applicable
My organization has ______________ over unclear liabilities in the case of
security breaches if adopting 3rd party federated credentials.
No concerns
Minor concerns
Strong concerns
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 11 of 14
Very strong concerns
"I don't know"
"Not applicable"
My organization has _________ that 3rd party federated credentials may not
support compliance to regulations applicable to my industry.
No concerns
Minor concerns
Strong concerns
Very strong concerns
"I don't know"
"Not applicable"
My organization has _________ that 3rd party federated credentials would
require more compliance reviews.
No concerns
Minor concerns
Strong concerns
Very strong concerns
"I don't know"
"Not applicable"
My organization has _________ that acceptance of 3rd party federated
credentials will erode my organization's brand image.
No concerns
Minor concerns
Strong concerns
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 12 of 14
Very strong concerns
"I don't know"
"Not applicable"
Are you a current member of the IDESG?
Yes
No
Has your organization been in contact with the IDESG before?
Yes
No
I don't know
What is the activity / sector of your organization? (Multiple entries possible)
Financial
Services
Textile
Environment
Tourism/Travel
Transportation
Health
High-tech
Insurance
Biotechnology
Consulting
Construction
Internet
Manufacturing
Electronics
Government
Other, please
describe
Please list any other barriers which prevent your organization from adopting
3rd party federated credentials and explain their significance in your opinion.
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 13 of 14
Please let us know of any questions or comments you might have.
You have reached the end of the survey. Thank you for your
participation!
NOTWITHSTANDING STATEMENT
This collection of information contains Paperwork Reduction Act (PRA) requirements
approved by the Office of Management and Budget (OMB). Notwithstanding any other
provision of the law, no person is required to respond to, nor shall any person be
subject to a penalty for failure to comply with, a collection of information subject to the
requirements of the PRA unless that collection of information displays a currently valid
OMB control number. Public reporting burden for this collection is estimated to be 30
minutes per response, including the time for reviewing instructions, searching existing
data sources, gathering and maintaining the data needed and completing and reviewing
the collection of information.
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�Online Survey Software | Qualtrics Survey Solutions
Page 14 of 14
>>
Powered by Qualtrics
https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview=Survey&Brand... 6/19/2015
�
| File Type | application/pdf |
| File Title | https://purdue.qualtrics.com/SE/?SID=SV_8Gn43k8gFMJ2XXf&Preview |
| Author | bcuthill |
| File Modified | 2015-06-24 |
| File Created | 2015-06-19 |