Biometrics in Identity as a Service
|
|
- Hubert Thornton
- 8 years ago
- Views:
Transcription
1 Daon - your trusted Identity Partner Biometrics in Identity as a Service What is BaaS and who is doing it? Catherine Tilton 28 September 2011
2 The Need As the world becomes more interdependent, as transactions become more global, and as the world embraces identity management and assurance as an element of conducting business, personal identities will become a form of global currency. Whether you are crossing a border, seeking employment, applying for a public benefit, opening a bank account, combating crime, making a purchase, enforcing immigration policy, granting access to public and private spaces, detecting terrorists ---- identity verification has limitless value. Governor Tom Ridge 1 st Secretary, U.S. Department of Homeland Security 2
3 The Drivers Business and Government focus on cost reduction and resource allocation through process outsourcing. Cost Pressure Increasing levels of government and industry regulation mandating the validation of a person s identity e.g., Maritime Security Industry Card to protect our ports & offshore facilities Working with Children card to protect the community. Regulation Increased demand for identity services Risk of Identity Fraud Increasing frequency, cost and impact of identity fraud and more sophisticated criminal behaviour requires more stringent identity validation of individuals and entities. 3
4 Evolution? 4
5 XaaS Emerging trend to offer various capabilities as a service Software as a service (SaaS) cloud computing Infrastructure as a service (IaaS) Network as a service (NaaS) Platform as a service (PaaS) Everything as a Service Services 5
6 XaaS Common Attributes Low barriers to entry Initially, services targeted consumers and small businesses Little or no capital expenditure Infrastructure is owned by the provider. Massive scalability Though many of the offerings have yet to achieve large scale Multi-tenancy Enables resources (and costs) to be shared amongst many users. Device independence Enables access regardless of client device (e.g., PC, mobile) Location independence Allows users remote access to systems 6
7 What is IDaaS? Identity as a service Outsourced identity management Outsourced authentication and attribute services Hosted identity services Identity in the cloud Third party identity services Business model for third party identity provisioning Decentralized identity Application-centric identity management Externalized user identification Primarily viewed from an IT perspective 7
8 Identity Management Overloaded term! IT context: a discipline which encompasses all of the tasks required to create, manage, and delete user identities in a computing environment [tech-faq] Relates to user accounts Broader context: the combination of technical systems, rules, and procedures that define the ownership, utilization, and safeguarding of personal identity information. The primary goal of the IdM process is to assign attributes to a digital identity and to connect that identity to an individual. [NTSC] Relates to identity assurance 8
9 Federated Identity Initiatives in the IT space OpenID Kantara IdenTrust InCommon US ICAM NSTIC Facilitated by.. SAML IMI O-Auth Identity, Credential, and Access Mgmt Source: OpenID 9
10 Federal PKI Trust Framework 10
11 11
12 Who is embracing IDaaS? UK Post Australia Post US UPS New Zealand Kiwibank/NZ Post India UID Authentication Service Singapore National Authentication Framework US IRS, TSA, states 12
13 BaaS areas Services 13
14 Identity Services Capability Background Checking List Screening Criminal History Check On-line Form On-line Payment Enrollment Data Call Centre Electronic Transmission to Agency or Business Paper Form Interview Document Inspection and Scanning Facial Image Capture Fingerprint Scanning Voice Authentication Electronic Signature 14
15 Enrollment as a Service More systems becoming biometrically enabled Enrolment can be an expensive and logistically challenging operation Efficiencies to be gained by a common enrolment network Countries looking at how main street vendors can be leveraged e.g., with nationwide outlets Examples: Post offices Considerations: Ensuring sample quality Security & privacy, trust Auditing, payment processing Enrolment Service Providers SP 1 SP2 SP3 Consolidation (optional) System 1 e.g., Passport Processing System 2 e.g., Drivers Licensing Systems of Record 15
16 Screening Services Many needs today for screening individuals Positions of trust Critical infrastructure protection (e.g., transportation workers) Those working with vulnerable persons (children, elderly, & disabled) Licenses & certifications Types & levels of screening/vetting Proof of identity, residence, status Criminal history records check Financial history Threat screening (e.g., KST) 16
17 Screening applications Identity screening & vetting Healthcare Families and concerned citizens look to regulating agencies to protect the sick and vulnerable from unscrupulous care providers. Visitor Access Physical assets, national or religious treasures and critical infrastructure and facilities can be protected from unauthorized access by checking visitors and contractors. Banking Protect bank assets from fraudulent access and comply with federal regulations by thoroughly background screening employees. Child Care and Elderly Care Those caring for the old and the young must be vetted by law to ensure that caregivers do not have a criminal history. Corporate Credential Corporate resources can be quickly and irrevocably damaged by disgruntled or malicious employees without appropriate physical and logical access controls in place. 17
18 Identity credentialing Employee/contractor/ visitor badging ` Identity Collection Internet IDMS CJIS Life cycle management services: Initial card issuance Activation Physical Access Control System Single Sign On System Identity Enablement Vetting Source 1 Vetting Source n Renewal Replacement Revocation Provisioning to access control systems 18
19 Authentication services Biometric Registration Process Subscriber Identity + Biometric Credential Est. Identity + biometric Credential Applies Biometric Authentication Process Identity proofing Enrolls biometric Biometric Authentication Service Provider Registers Biometric Binds identity to reference biometric Claimant Claimed identity + Live biometric Assertion Access Requests access Verifies identity (through biometric matching) Checks authorization Grants access 19
20 Singapore NAF example Need for stronger authentication in government & commercial/ consumer sectors Support for online transactions Intent to be market driven, with multiple service providers Source: IDA 20
21 The UPS Store UPS provides its 4,400 locations in the United States as well as nearly 1,300 locations outside the US as professional, convenient, and consistent settings for people to access when they need to have their biometric data collected and submitted for a variety of purposes, including background screening and credentialing. 21
22 Internal Revenue Service The Tax Preparer Initiative was created to fingerprint and background check the 1.2M individuals that prepare tax returns as well as those individuals that file tax returns electronically, and provide additional education/training to the tax return preparers and conduct competency testing. IRS needs a provide tax preparers with a cost effective and convenient way to prove that they meet the ethical standards of conduct set forth by the IRS. 22
23 Australia Post Trust Based Services Building on the ubiquity if its outlets and citizen trust in its agents, Australia Post desires to provide identity verification and biometric enrollment services for a wide variety of provincial, national, and commercial clients. 23
24 Future Market Directions Identity-as-a-Service (IDaaS) Modular and coherent set of services for managing identities Outsourced Identity Management Complex and expensive to implement in-house Industry-specific requirements/regulations In-person proofing Need increased assurance on in-person identity verification Increasing need to collect biometrics Identity Management Forecast: Forrester Research 24
25 Conclusion Identity becoming increasingly important to security & commerce The world is moving towards a services model Benefits to be gained by shared services Identity services are no exception Trusted service providers required 25
26 Next Up 26
27 Thank You! Catherine J. Tilton, CBP VP, Standards & Technology, Daon Freedom Drive, Suite Reston, VA
Derived credentials. NIST SP 800-63-1 ( 5.3.5) provides for long term derived credentials
Daon your trusted Identity Partner Derived Credentials A Use Case Cathy Tilton Daon 1 February 2012 Derived credentials NIST SP 800-63-1 ( 5.3.5) provides for long term derived credentials Derived credential
More informationStandards for Identity & Authentication. Catherine J. Tilton 17 September 2014
Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent
More informationCloud-Based Identity Services
Cloud-Based Identity Services TrustX Technologies, Inc. 11325 Random Hills Rd., Suite 650 Fairfax, VA 22030 TrustX Identity Services Affordable Identity Assurance TrustX is a cloud-based implementation
More informationOnline Identity Attribute Exchange 2013-2014 Initiatives
Online Identity Attribute Exchange 2013-2014 Initiatives Agenda Overview AXN Services Framework Demonstration NSTIC Pilots Summary ABAC Services Attribute Exchange Network Page 2 AXN - Enabling IT & Other
More informationOnline Identity Attribute Exchange 2013-2014 Initiatives
Online Identity Attribute Exchange 2013-2014 Initiatives Agenda Overview AXN Services Framework Demonstration NSTIC Pilots Summary ABAC Services Attribute Exchange Network Page 2 AXN - Enabling IT & Other
More informationBiometrics and Cyber Security
Biometrics and Cyber Security Key Considerations in Protecting Critical Infrastructure Now and In The Future Conor White, Chief Technology Officer, Daon Copyright Daon, 2009 1 Why is Cyber Security Important
More informationBiometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19
Biometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19 Andrew Sessions, Abel Sussman Biometrics Consortium Conference Agenda
More informationNISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference - 2013
NISTIC Pilot - Attribute Exchange Network Biometric Consortium Conference - 2013 Market Development Startup (2011) Unrealized Large Market Potential Evolving Value Props & Use-Cases Evolving Tech/Policy
More informationAudio: This overview module contains an introduction, five lessons, and a conclusion.
Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules
More informationThe Leading Provider of Identity Solutions and Services in the U.S.
THE IDENTITY COMPANY The Leading Provider of Identity Solutions and Services in the U.S. MorphoTrust USA MorphoTrust USA Our Value Uniquely Identifying Individuals: MorphoTrust is entrusted to ensure that
More informationGood Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals
Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals and protect people, information, buildings, countries
More informationCan We Reconstruct How Identity is Managed on the Internet?
Can We Reconstruct How Identity is Managed on the Internet? Merritt Maxim February 29, 2012 Session ID: STAR 202 Session Classification: Intermediate Session abstract Session Learning Objectives: Understand
More informationEstablishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology
Establishing A Multi-Factor Authentication Solution Report to the Joint Legislative Oversight Committee on Information Technology Keith Werner State Chief Information Officer Department of Information
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationOperational and Policy Considerations. Glenn R. Cook Department of Information Sciences Naval Postgraduate School Monterey, CA
Identity Management: Operational and Policy Considerations Glenn R. Cook Department of Information Sciences Naval Postgraduate School Monterey, CA IdM Operations and Policy Who Are You? Identifying Friend
More informationIdentity, Credential, and Access Management. Open Solutions for Open Government
Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management www.idmanagement.gov Open Solutions for Open Government Judith Spencer Co-Chair, ICAM
More informationThe Intermediate Unit And Electronic Signatures
No. 829 CAPITAL AREA INTERMEDIATE UNIT SECTION: OPERATIONS TITLE: ELECTRONIC SIGNATURES ADOPTED: December 20, 2012 REVISED: 829. ELECTRONIC SIGNATURES 1. Purpose The Capital Area Intermediate Unit ( Intermediate
More informationTHE LEADING EDGE OF BORDER SECURITY
THE LEADING EDGE OF BORDER SECURITY RECORD-BREAKING TRAVEL CREATING NEW CHALLENGES TIM KLABUNDE Entrust Datacard; Director, Government Vertical Marketing THE ERA OF THE MOBILE IDENTITY In an increasingly
More informationNOAA HSPD-12 PIV-II Implementation October 23, 2007. Who is responsible for implementation of HSPD-12 PIV-II?
NOAA HSPD-12 PIV-II Implementation What is HSPD-12? Homeland Security Presidential Directive 12 (HSPD-12) is a Presidential requirement signed on August 27, 2004 requiring Federal agencies comply with
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationDate: Wednesday March 12, 2014 Time: 10:00 am to 2:45 pm ET Location: Virtual Hearing
Remarks of Catherine Tilton at the Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) held by the Office of the National Coordinator for Health Information Technology Health
More informationInformation Technology Policy
Information Technology Policy Identity Protection and Access Management (IPAM) Architectural Standard Identity Management Services ITP Number ITP-SEC013 Category Recommended Policy Contact RA-ITCentral@pa.gov
More informationWIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com
WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com Table of Contents 03...Introduction 04...Wipro Cloud (WIC) as a Service Type 05...Wipro Cloud Capabilities
More informationRich Furr Head, Global Regulatory Affairs and Chief Compliance Officer, SAFE-BioPharma Association. SAFE-BioPharma Association
Navigating the Identity Landscape Rich Furr Head, Global Regulatory Affairs and Chief Compliance Officer, SAFE-BioPharma Association SAFE-BioPharma Association Overview An overview of US and EU government
More informationHSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006
HSPD-12 Implementation Architecture Working Group Concept Overview Version 1.0 March 17, 2006 Table of Contents 1 PIV Lifecycle... 3 2 High Level Component Interaction Diagram... 4 3 PIV Infrastructure
More informationIdentity: The Key to the Future of Healthcare
Identity: The Key to the Future of Healthcare Chief Medical Officer Anakam Identity Services July 14, 2011 Why is Health Information Technology Critical? Avoids medical errors. Up to 98,000 avoidable hospital
More informationAttribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements
Joint White Paper: Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements Submitted Date: April 10, 2013 Submitted
More informationApplication of Biometric Technology Solutions to Enhance Security
Application of Biometric Technology Solutions to Enhance Security Purpose: The purpose of this white paper is to summarize the various applications of fingerprint biometric technology to provide a higher
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More information28042 Federal Register / Vol. 75, No. 96 / Wednesday, May 19, 2010 / Notices
28042 Federal Register / Vol. 75, No. 96 / Wednesday, May 19, 2010 / Notices the records are part of an on-going investigation in which case they may be retained until completion of the investigation.
More informationVoice Authentication On-Demand: Your Voice as Your Key
Voice Authentication On-Demand: Your Voice as Your Key Paul Watson, Vice President Relationship Technology Management Voice Search Conference March 2-4, 2009 Convergys Corporation A Global Leader in Relationship
More informationDepartment of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT
Department of Veterans Affairs VA DIRECTIVE 6510 Washington, DC 20420 Transmittal Sheet VA IDENTITY AND ACCESS MANAGEMENT 1. REASON FOR ISSUE: This Directive defines the policy and responsibilities to
More informationIdentity and Access Management Initiatives in the United States Government
Identity and Access Management Initiatives in the United States Government Executive Office of the President November 2008 Importance of Identity Management within the Federal Government "Trusted Identity"
More informationThe Virginia Electronic Notarization Assurance Standard
The Virginia Electronic Notarization Assurance Standard Published by Secretary of the Commonwealth Richmond, Virginia January 1, 01 Version 1.0 Table of Contents Scope and Intent... 1 Definitions... Article
More informationA unique biometrics based identifier, such as a fingerprint, voice print, or a retinal scan; or
SBA Procedural Notice TO: All SBA Employees CONTROL NO.: 5000-1323 SUBJECT: Acceptance of Electronic Signatures in the 7(a) and 504 Loan Program EFFECTIVE: 10/21/14 The purpose of this Notice is to inform
More informationIDaaS: Managed Credentials for Local & State Emergency Responders
IDaaS: Managed Credentials for Local & State Emergency Responders NextgenID ID*TRUST Platform NextgenID - Headquarters USA 10226 San Pedro, Suite 100 San Antonio, TX 78216 +1 (210) 530-9991 www.nextgenid.com
More informationAnnouncing Approval of Federal Information Processing Standard (FIPS) Publication 201-2,
This document is scheduled to be published in the Federal Register on 09/05/2013 and available online at http://federalregister.gov/a/2013-21491, and on FDsys.gov Billing Code 3510-13 DEPARTMENT OF COMMERCE
More informationReport to the Council of Australian Governments. A Review of the National Identity Security Strategy
Report to the Council of Australian Governments A Review of the National Identity Security Strategy 2012 Report to COAG - Review of the National Identity Security Strategy 2012 P a g e i Table of contents
More information2. APPLICABILITY AND SCOPE
Department of Defense DIRECTIVE NUMBER 1000.25 July 19, 2004 Certified Current as of April 23, 2007 USD(P&R) SUBJECT: DoD Personnel Identity Protection (PIP) Program References: (a) DoD Directive 1000.22,
More informationesign Online Digital Signature Service
esign Online Digital Signature Service Government of India Ministry of Communications and Information Technology Department of Electronics and Information Technology Controller of Certifying Authorities
More informationSecurityManager. Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies
SecurityManager Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies SecurityManager is THE CENTECH GROUP, Inc s (CENTECH s) Web-based enterprise case management solution
More information1. The human guard at the access control entry point determines whether the PIV Card appears to be genuine and has not been altered in any way.
+ Expiration date + Agency card serial number (back of card) + Issuer identification (back of card). The PIV Card may also bear the following optional components: + Agency name and/or department + Department
More informationGOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.
PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize
More informationIs Your Vendor CJIS-Certified?
A Thought Leadership Profile Symantec SHUTTERSTOCK.COM Is Your Vendor CJIS-Certified? How to identify a vendor partner that can help your agency comply with new federal security standards for accessing
More informationACI - NA PUBLIC SAFETY & SECURITY FALL CONFERENCE 2012 AVIATION BADGING EFFICIENCIES
ACI - NA PUBLIC SAFETY & SECURITY FALL CONFERENCE 2012 AVIATION BADGING EFFICIENCIES ACI-NA PUBLIC SAFETY & SECURITY, FALL CONFERENCE 2012 BADGING BEST PRACTICES SURVEY Cheryl Vauk Productive Solutions
More informationTrust Elevation Using Risk-Based Multifactor Authentication. Cathy Tilton
Trust Elevation Using Risk-Based Multifactor Authentication Cathy Tilton 1 Caveat Intent is to present an approach for risk-based multifactor authentication and how it might be used in a trustelevation
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationUS Security Directive FIPS 201
Security US Security Directive FIPS 201 Compliance Strategies Learn about compliance strategies for governmental agencies in meeting requirements of Homeland Security Presidential Directive 12 (HSPD-12),
More informationGLOBAL TELECOM INVOLVEMENT in the I D E N T I T Y E C O S YS T E M. July 2013
GLOBAL TELECOM INVOLVEMENT in the I D E N T I T Y E C O S YS T E M July 2013 S P E A K E R S David Pollington GSMA (UK/EU) Andrew Johnston TELUS (CANADA) Scott Rice PACIFICEAST / OIX TDWG (US) Telecom
More informationAn Operational Architecture for Federated Identity Management
An Operational Architecture for Federated Identity Management March 2011 Implementing federated identity management and assurance in operational scenarios Federated Identity Solution The Federated identity
More informationU.S. Senate Homeland Security and Government Affairs Committee
U.S. Senate Homeland Security and Government Affairs Committee Hearing on GAO Report 05-477, Improvements Needed to Strengthen U.S. Passport Fraud Detection Efforts Testimony of Frank E. Moss Deputy Assistant
More informationHow much do you pay for your PKI solution?
Information Paper Understand the total cost of your PKI How much do you pay for your PKI? A closer look into the real costs associated with building and running your own Public Key Infrastructure and 3SKey.
More informationAgency Information Collection Activities: REAL ID: Minimum Standards for Driver s
This document is scheduled to be published in the Federal Register on 05/11/2016 and available online at http://federalregister.gov/a/2016-11133, and on FDsys.gov 9110-9B DEPARTMENT OF HOMELAND SECURITY
More informationMoving to Multi-factor Authentication. Kevin Unthank
Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that
More informationInternet Banking Internal Control Questionnaire
Internet Banking Internal Control Questionnaire Completed by: Date Completed: 1. Has the institution developed and implemented a sound system of internal controls over Internet banking technology and systems?
More informationCloud Computing and the Regulatory Compliance Labyrinth
Cloud Computing and the Regulatory Compliance Labyrinth About ERM About The Speaker Nick Shuman Information Security Consultant Bachelor of Science in Computer Science and Psychology - University of Miami
More informationExecutive Summary P 1. ActivIdentity
WHITE PAPER WP Converging Access of IT and Building Resources P 1 Executive Summary To get business done, users must have quick, simple access to the resources they need, when they need them, whether they
More informationIdentity Cards. The Next Steps
Identity Cards The Next Steps Presented to Parliament by the Secretary of State for the Home Department by Command of Her Majesty November 2003 Cm 6020 4.75 Crown Copyright 2003 The text in this document
More informationUNIVERSITY OF CALIFORNIA, MERCED Red Flag and Security Incident Reporting Policy
UNIVERSITY OF CALIFORNIA, MERCED Red Flag and Security Incident Reporting Policy RESPONSIBLE OFFICIAL : Executive Vice Chancellor/Provost RESPONSIBLE OFFICIAL : Business & Financial Services EFFECTIVE
More informationCard Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006
Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark
More informationFederal Identity, Credential, and Access Management Trust Framework Solutions. Overview
Federal Identity, Credential, and Access Management Trust Framework Solutions Overview Version 1.0 02/07/2014 Questions? Contact the FICAM TFS Program Manager at TFS.EAO@gsa.gov 1 Table of Contents 1.
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationYour secure identity. Meeting proof of identity requirements
Your secure identity Meeting proof of identity requirements The Department of Transport (DoT) is committed to safeguarding your identity through secure information management and personal identification
More informationELECTRONIC SIGNATURE REQUIREMENTS FOR LENDERS
ELECTRONIC SIGNATURE REQUIREMENTS FOR LENDERS June 2015 Purpose The Electronic Signatures in Global and National Commerce (ESIGN) Act (15 U.S.C. 7001-7006), enacted in 2000, permits, but does not require,
More informationTop 5 Reasons to Choose User-Friendly Strong Authentication
SOLUTION BRIEF: USER-FRIENDLY STRONG AUTHENTICATION........................................ Top 5 Reasons to Choose User-Friendly Strong Authentication Who should read this paper This executive brief asserts
More informationSIGNIFICANT CHANGES DOCUMENT
SIGNIFICANT CHANGES DOCUMENT Descriptive Title Schedule 70_MassModification_Health IT SIN Significant Changes Disclaimer Language DISCLAIMER: GSA FAS is posting this notification of a planned solicitation
More informationNC CJIN Governing Board. 13 October, 2011. George A. White
Advanced Authentication NC CJIN Governing Board 13 October, 2011 George A. White FBI CJIS ISO Brief Policy History Two year development Fully vetted by all state representation Criminal and civil Requirements
More informationThe Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap
The Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap AAMVA Region I Conference E-ID, DLDV, and Privacy Conducting Business Securely
More informationesign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?
esign FAQ 1. What is the online esign Electronic Signature Service? esign Electronic Signature Service is an innovative initiative for allowing easy, efficient, and secure signing of electronic documents
More informationJustice Management Division
Justice Management Division Privacy Impact Assessment for the Personal Identity Verification (PIV) Card System Issued by: Stuart Frisch, Senior Component Official for Privacy Reviewed by: Vance E. Hitch,
More informationSUPPLIER SECURITY STANDARD
SUPPLIER SECURITY STANDARD OWNER: LEVEL 3 COMMUNICATIONS AUTHOR: LEVEL 3 GLOBAL SECURITY AUTHORIZER: DALE DREW, CSO CURRENT RELEASE: 12/09/2014 Purpose: The purpose of this Level 3 Supplier Security Standard
More informationBriefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication.
Polling Question Briefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication. Please type in your response. This poll will close promptly at 1:00 pm CDT Getting the
More informationPhysical Access Control System
for the Physical Access Control System DHS/ALL 039 June 9, 2011 Contact Point David S. Coven Chief, Access Control Branch (202) 282-8742 Reviewing Official Mary Ellen Callahan Chief Privacy Officer (703)
More informationIdentity Access Management: Beyond Convenience
Identity Access Management: Beyond Convenience June 1st, 2014 Identity and Access Management (IAM) is the official description of the space in which OneLogin operates in but most people who are looking
More informationIDENTITY-AS-A-SERVICE IN A MOBILE WORLD. Cloud Management of Multi-Modal Biometrics
IDENTITY-AS-A-SERVICE IN A MOBILE WORLD Cloud Management of Multi-Modal Biometrics ImageWare Systems, Inc. Headquarters in San Diego, CA Offices worldwide (US, Canada, Germany, Mexico) Over 15 years of
More informationIndependent Accountants Report
KPMG LLP 1601 Market Street Philadelphia, PA 19103-2499 Independent Accountants Report To the Management of Unisys Corporation: We have examined the assertion by the management of Unisys Corporation (
More informationHow To Create Trust Online
Authors: Niall Burns (Symphonic), Professor Bill Buchanan (Edinburgh Napier University), Cassie Anderson (miicard) Overview There is a growing demand within governments, health sectors, social care, police,
More informationDRAFT Pan Canadian Identity Management Steering Committee March 1, 2010
DRAFT Pan Canadian Identity Management Steering Committee March 1, 2010 Pan Canadian Identity Management & Authentication Framework Page 1 1 Introduction This document is intended to describe the forming
More informationVASCO: Compliant Digital Identity Protection for Healthcare
VASCO: Compliant Digital Identity Protection for Healthcare Compliant Digital Identity Protection for Healthcare The proliferation of digital patient information and a surge in government regulations are
More informationWeb Conferencing: Unleash the Power of Secure, Real-Time Collaboration
White Paper Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration This paper focuses on security information for Cisco WebEx Meeting Center, Cisco WebEx Training Center, Cisco WebEx Support
More informationMulti-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access CONTENTS What is Authentication? Implementing Multi-Factor Authentication Token and Smart Card Technologies
More informationStrategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia
Miscellaneous Publication Strategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia SAA MP75 1996 STRATEGIES FOR THE IMPLEMENTATION OF A PUBLIC KEY AUTHENTICATION FRAMEWORK
More informationNSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment. Version: 1.1 Date: 12/04/2006. National Science Foundation
This document has been archived and replaced by piaauthentx1207..0 National Science Foundation NSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment Version: 1.1 Date: 12/04/2006 Table
More informationUS-VISIT Five Country Joint Enrollment and Information-Sharing Project (FCC)
for the Five Country Joint Enrollment and Information-Sharing Project (FCC) November 2, 2009 Contact Point Paul Hasson, Privacy Officer Program National Protection & Programs Directorate (202) 298-5200
More informationDEA's New Proposed Regulations For E-Prescribing
Portfolio Media, Inc. 648 Broadway, Suite 200 New York, NY 10012 www.law360.com Phone: +1 212 537 6331 Fax: +1 212 537 6371 customerservice@portfoliomedia.com DEA's New Proposed Regulations For E-Prescribing
More informationPersonal Identity Verification
for the Personal Identity Verification Contact Point Cynthia Sjoberg Program Manager, HSPD 12 Training and Operations Security Division Office of Security Department of Homeland Security (202) 447 5010
More informationDynamic Security for the Hybrid Cloud
Dynamic Security for the Hybrid Cloud Marc van Zadelhoff, VP Strategy, Marketing and Product Management, IBM Security Nataraj Nagaratnam, Distinguished Engineer and CTO Security Solutions, IBM Security
More informationSECURITY INFRASTRUCTURE Standards and implementation practices for protecting the privacy and security of shared genomic and clinical data
Global Alliance for Genomics and Health SECURITY INFRASTRUCTURE Standards and implementation practices for protecting the privacy and security of shared genomic and clinical data VERSION 1.1 March 12,
More informationHow to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications
SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this
More informationTESTIMONY. Kelli Ann Burriesci. Deputy Assistant Secretary for Screening Coordination. Office of Policy U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE
TESTIMONY OF Kelli Ann Burriesci Deputy Assistant Secretary for Screening Coordination Office of Policy U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE HOUSE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM:
More informationHomeConvenience.com. Creating Trust Online CASE STUDY. Comodo Identity and Trust Assurance Suite. Content Verification Certificate.
TM Creating Trust Online CASE STUDY HomeConvenience.com Comodo Identity and Trust Assurance Suite Content Verification Certificate Hacker Guardian SSL Certification Corner of Trust Logo Who are HomeConvenience?
More informationAIRSPACE WAIVERS AND FLIGHT AUTHORIZATIONS FOR CERTAIN AVIATION OPERATIONS (INCLUDING DCA) (Amended)
for the AIRSPACE WAIVERS AND FLIGHT AUTHORIZATIONS FOR CERTAIN AVIATION OPERATIONS (INCLUDING DCA) (Amended) Contact Point Lisa S. Dean Privacy Officer Transportation Security Administration (571) 227-3947
More informationDEPARTMENTAL REGULATION
U.S. DEPARTMENT OF AGRICULTURE WASHINGTON, D.C. 20250 DEPARTMENTAL REGULATION SUBJECT: Identity, Credential, and Access Management Number: 3640-001 DATE: December 9, 2011 OPI: Office of the Chief Information
More informationDepartment of Veteran Affairs VA HANDBOOK 6510 VA IDENTITY AND ACCESS MANAGEMENT
Department of Veteran Affairs VA HANDBOOK 6510 Washington, DC 20420 Transmittal Sheet VA IDENTITY AND ACCESS MANAGEMENT 1. REASON FOR ISSUE: This Handbook defines roles, responsibilities, and procedures
More informationNIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics
NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics Jan Krhovják Outline Introduction and basics of PIV Minimum
More informationGeneral HIPAA Implementation FAQ
General HIPAA Implementation FAQ What is HIPAA? Signed into law in August 1996, the Health Insurance Portability and Accountability Act ( HIPAA ) was created to provide better access to health insurance,
More informationIntelligent Security Design, Development and Acquisition
PAGE 1 Intelligent Security Design, Development and Acquisition Presented by Kashif Dhatwani Security Practice Director BIAS Corporation Agenda PAGE 2 Introduction Security Challenges Securing the New
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More information