Identity Management An Executive Perspective

Identity Management: An Executive Perspective
May 6, 2008
Presented By: Mary Dixon, Director, DMDC

Identity Management: What is it?
A Process that provides a solid foundation for benefits, logical and physical security and force protection (networks/facilities/web services)
Good Bad
- Verifying identity documentation history and suitability
- Binding identity information to credential. Associating credential with individual. (Authoritative Source)
- Discovering / Presentation of credential. (Was this credential issued to you)
- Authenticating credential. (Is this credential still valid)

Information-Sharing
"[The federal government] We're charged with the security of the country, first responders are charged with the security of the country, and if we can't share information between vital agencies, we're not going to be able to do our job." - President George W. Bush, 04/20/2004*
"No single step is more important to strengthen our intelligence than to improve information sharing." - Thomas H. Kean and Lee H. Hamilton, Chairman and Vice Chairman of the 9/11 Commission, respectively, 11/23/2005*
*Source: 9/11 Commission Report

Old Think
Personnel Security Personnel Credentialing Benefits Silos of Excellence Network Security Physical Security

New Think
The Age of Services Biometrics Logical Access Authoritative Identity Databases PKI Physical Access Credentials Benefits Identity Proofing/Vetting Collect Once Use Many Times

Electric Analogy
UTILITY BACKBONE
END-USER
Applications, chosen and managed by end-user
Power Grid
- Internally designed, managed
- Exists to serve end-users
- Standards-based interoperability across disparate jurisdictions, ownership
User Interface
- Has standardized physical and logical design characteristics to permit apps to interface with servicing utility
*Thanks to Bill Gravell for use of this slide

Identity Management: What Does It Take in New Think
- Will only get more complicated
- Information Sharing - Critical
- Interoperability
- Performance
- Trust
- Federation

Building on a Strong Foundation
[Diagram labels: Role, Access Control, TWIC, WHTI, FRAC, HSPD-12, Registered Traveler, FiXs, Affiliation, Privileged Access Control]

Roles/Attributes/Identity
- Are they the same?
- Do they each require own credential/certificate?
- Do they Change?
- Can a person/identity have more than one?
- Is identity necessary?
- Is identity sufficient?

The Big(gest) Picture
Applications Information-Sharing Federated Services Root ID Federal Industry Coalition

Federation
- FIPS 201
- Certificate Policy/Practice statements
- Operating Rules
- Minimum Adjudication Standards
IT'S ALL ABOUT TRUST!

Authentication vs. Authorization
- Business Need
- Trust Relationship
- Authenticate
- Authorization/Access Decision
- Can they have access?
- Can they use their credential?
- What about roles and attributes?

Totally Authenticated World
If we issue strong credentials
Based on strong vetting
AND
Electronically authenticate every use
Significantly reduce risk from Identity Theft

The Next Leap Forward
- Collaborate
- Federate
- Integrate
The GOAL: World Class Integrated Identity Management

Meeting our Real Objectives
- Facilitate our ability to share information
- Improve security of our homeland
- Improve security of our people overseas
- Improve security of our networks
All the while, ensuring the privacy of our people

Does It Really Work?
Logical Access Results
- Successful intrusions decreased 46% in first year
Physical Access Results
- Across 159 locations, average:
- 7.8 million entries per month
- 76 thousand denied accesses per month

Mary Dixon
Director, Defense Manpower Data Center
For more information:
www.cac.mil
www.dmdc.osd.mil/smartcard