Navy Contributions to Identity Management

Transcription

1 Navy Contributions to Identity Management CAPT John M. Boyd Director, Dept of the Navy Identity Management Capability Biometric Consortium Conference 22 September 2009 UNCLASSIFIED

2 Applications UNCLASSIFIED Scope: Identity Management (IdM) Universe Information- Sharing Federated Services Digital ID Friendly UNK/Neutral Adversary 2

3 Biometrics Enterprise DoN Perspective BTF- West 3

4 Focused Applications Robust biometrics collection and matching in austere environments Provides a rugged/portable device which locally collects and matches biometric data to enroll, identify, and verify the identity of personnel Based on fully validated requirements Strict adherence to standards Fingerprint, iris, face image collection Ability to transfer data via external comms to reach back for remote matching Document/media collection & linkage 4

5 IDT COTS UNCLASSIFIED Identity Dominance System (IDS) Device Capability Progression TBCMS Based on Draft IDS CDD SIIMON/ SIIMON Block II IDS CDD KPP/KSA Functionality IDS PIV1 CDD/CPD Expanded Maritime Interception Operations (EMIO) Identity Dominance Toolset (IDT) Rapid Deployment Capability (RDC) 2007 Tactical Biometric Collection and Matching System Personnel Identification Version 1 Capability Development Document 2012 IDT RDC-Navy $ TBCMS RDDC-Army $ SIIMON-Army $ SIIMON Block II-USMC $ IDS POR-Navy $ 5 5

6 Focused Applications (cont) Physical access controls Working with Services, JS J8, USNORTHCOM to develop a Joint Identity-Enabled Physical Access Control (JIPAC) capability Leverage mature projects/technologies Concentrating on: Authentication/Verification of identity Characterization for fitness Authorization Consider legal/policy restrictions as we develop the capability to characterize individuals seeking access to military installations 6

7 JIPAC Simulation 7

8 Endeavors Large Scale Architecture Cross-organizational Information Sharing Vigorously employ model-based systems engineering as part of our due diligence Functions Operational Tasks & Activities System Components 8

9 What to Avoid Networks to Nowhere 9

10 The Three Most Important Points 1. There are TWO lines of advance within the USG on Identity Management: Screening Access Controls Harmonizing/Integrating these is essential to progress 2. Strong IdM does NOT necessarily mean weak Privacy! Entails strong cybersecurity measures. 3. Needed governance must embrace the whole community/process, at every level Emergence of these processes is the next big step in federal IdM 10

11 Where we need help 1. Standard algorithms: Biometric template generation Matching Improves interoperability while reducing long-term costs 2. Back Office efficiencies Communications Analysis of information & intelligence production Warfighter requires accurate & complete intel reports in time to make a decision otherwise, don t bother. 3. Policy/legal guidance for biometric collections and characterization of individuals Require expanded policy to collect in maritime domain; Need expanded guidelines for friendly force biometrics collection ISO physical access controls; Extending to Logical access & Business functions 11

12 Dept of the Navy POCs CAPT John Boyd Director, Dept of the Navy Identity Management Capability 703) Ms. Erin Castleman IdM Analyst, contractor support 703)

13 OPNAV POCs LCDR John Lenox OPNAV N867 - Afloat AT/FP, Biometrics john.lenox@navy.mil (703) Mr. Nick Hall OPNAV N867 - Contractor Support kevin.n.hall.ctr@navy.mil (703)

14 Backup Ready, Fire, Aim 14

15 Policy & Training/Education Policy WG addressed Privacy Act and IdMrelated issues wrt access controls and military operations Training and Education Established IdM certificate/master s level education program at Naval Postgraduate School in Monterey, CA DoD Executive Agent (Army) is sponsor Participation across DoD Three classes completed 15

16 Scale Treaty Orgs UN Industry Others International US Govt/Interagency DoD/Joint DoN 16

17 Summary 1. DoN is supplying invaluable Identity Management thought leadership Across Policy, Training & Education, and Technology 2. Driving solutions in partnership with DoD elements Solutions applicable to Navy Dept and across DoD and interagency partners 3. Biometrically-enabled capabilities apply to broad domains Military operations, Physical access controls; Extending to Logical access & Business functions 17