Presentation is loading. Please wait.

Presentation is loading. Please wait.

EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.

Published byJeffery Watkins Modified over 7 years ago

Similar presentations

Presentation on theme: "EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005."— Presentation transcript:

1 eAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005

2 eAuthentication Background HSPD-12 ● Mandates of federal agencies to issue ID credentials using FIPS-201 identity proofing procedures beginning October 2005 ● Mandates all federal agencies begin issuing SmartCards with Medium assurance digital certs by October 2006

3 eAuthentication Program ● Provide a single source of identity authentication for federal agency applications – NSF’s FastLane grant application and communication package ● To develop and promulgate policies and procedures to sustain a common identity federation for the federal government in support of eGov ● Burton Group report http://www.cio.gov/eauthentication/documents/BurtonGroupEAreport.pdf

4 Summary of eAuthentication Approach Four levels of assurance (LOA)  LOA 1 and 2 are assertion-based – such as userid/password, SAML, Shibboleth  LOA 3 and 4 are cryptographically-based – such as PKI  LOA level required to be based on Risk Assessment

5 Summary of eAuthentication Approach Agency Applications Agency Applications (resource provider) determine their own authorization requirements Rely on credentials issued by external Credential Service Providers who submit to an assessment based on a Credential Assessment Framework – CAF’ing

6 Credential Assessment Framework Create a federated circle of trust A structured methodology and procedure for evaluating the LOA of a Credential Service Provider’s (CSP) credentials An assessment team visits and evaluates the CSP A process for conflict resolution established

7 Federation Interoperability Interfederation Interoperability Work Group InCommon Use Shibboleth middleware technical protocols “Policy” light E-Authentication US Identity Federation Use a variety of technical protocols Policy intensive

8 Federation Interoperability Proof of Concept Technical interoperability of identity credentials and utilities has been demonstrated Production level interoperability is built into Shibboleth 1.3 beta Credential assessment of 4 Universities

9 Resources E-Authentication home http://www.cio.gov/eauthentication NIST http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63v6_3_3.pdf E-Authentication Credential Assessment Suite http://www.cio.gov/eauthentication/CredSuite.htm Credential Assessment Framework http://www.cio.gov/eauthentication/documents/CAF.pdf

Download ppt "EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005."

Similar presentations

PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.

PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.
Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
Ongoing Efforts to Build The US Federal PKI Bridge

Ongoing Efforts to Build The US Federal PKI Bridge
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.

HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.
“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
Federal Electronic Identity Initiatives – Current Status Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO for E-Authentication,

Federal Electronic Identity Initiatives – Current Status Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO for E-Authentication,
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.

Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
NIH iTrust Peter Alterman/Debbie Bucci National Institutes of Health October 2010.

NIH iTrust Peter Alterman/Debbie Bucci National Institutes of Health October 2010.
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

Similar presentations

Ads by Google