The AB/Connect working group is a combined working group of the Artifact Binding (AB) Working Group and the Connect Working Group aimed at producing the OAuth 2.0 based “OpenID Connect” specifications.
The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF Token Binding specifications with OpenID Connect and integration with FIDO relying parties and/or other strong authentication technologies.
The goal of FAPI is to provide JSON data schemas, security and privacy recommendations and protocols to:
- enable applications to utilize the data stored in the financial account,
- enable applications to interact with the financial account, and
- enable users to control the security and privacy settings.
The HEART Working Group intends to harmonize and develop a set of privacy and security specifications that enable an individual to control the authorization of access to RESTful health-related data sharing APIs, and to facilitate the development of interoperable implementations of these specifications by others
The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that allow users to authenticate and share consented attribute information with public sector services across the globe. The resulting profile will enable standardized integration with public sector relying parties in multiple jurisdictions. The profile will be applicable to, but not exclusively targeted at, identity broker-based implementations.
The MODRNA (Mobile Operator Discovery, Registration & autheNticAtion) WG will develop a profile of OpenID Connect intended to be appropriate for use by mobile network operators (MNOs) providing identity services to RPs and for RPs in consuming those services as well as any other party wishing to be interoperable with this profile.
Additionally, it will identify and make recommendations for additional standards items.
The goal of RISC is to provide data sharing schemas, privacy recommendations and protocols to:
- Share information about important security events in order to thwart attackers from leveraging compromised accounts from one Service Provider to gain access to accounts on other Service Providers (mobile or web application developers and owners).
- Enable users and providers to coordinate in order to securely restore accounts following a compromise.
Internet accounts that use email addresses or phone numbers as the primary identifier for the account will be the initial focus.