Presentation is loading. Please wait.

Presentation is loading. Please wait.

Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination.

Similar presentations


Presentation on theme: "Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination."— Presentation transcript:

1 Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination Meeting

2 Electronic Authentication Partnership Mission Statement Goal: –Reliable Identity Authentication –Convenience –Ease of use We Propose to: –Create a voluntary partnership –Promote trust and Interoperability –Develop an evaluation process –Build on what exists –Work cooperatively with other nations’ identity systems

3 Tasks: The EAP Will Develop Operating Rules Addressing –Business requirements and processes –Standards for Credentials –Hierarchical assurance levels –Criteria for evaluating credentials at each assurance level Evaluation, accreditation and compliance with credentialing process Accreditation List

4 EAP Framework: Benefits Focuses on traditional problem areas for federated authentication. Complements and leverages existing initiatives. Provides a framework that will: –Enhance the utility and portability of credentials across circles of trust. –Expand markets by promoting wider use of credentials. –Help authentication initiatives validate their approaches to credentialing.

5 EAP Framework Authentication Risk and Assurance Levels Credential requirements Accreditation process for credentials & providers Common business rules List of trusted credential providers with EAP brand Governance Structure A public/private governance structure to establish and maintain a federated identity management framework

6 EAP Framework: Development Approach USG Private sector Educatio n Health Etc. Processes and Rules Sets Credential Standards Evaluation processes EAP Working Groups produce EAP Framework EAP Framework Reassess and update based on market conditions and changes

7 Background Spring 2003 White Papers by CSIS and Johns Hopkins June through December Four CSIS Work Group Meetings December 11, Public Forum to Announce EAP 2004 – Six Meetings So Far Active Workgroups

8 Workgroups Business Requirements and Processes –Linda Elliot, PingID Network, Chair –Thomas J. Greco, Betrusted, Vice Chair Credential Services Assessment Criteria, Levels of Assurance –R.J. Schlecht, Mortgage Bankers Association of America, Chair –Von Harrison, GSA, Vice Chair –Subworkgroup Chairs Dr. Peter Alterman, NIH Nancy Black, Consultant

9 Workgroups Evaluation, Accreditation and Compliance –Cornelia Chebinou, National Association of State Auditors, Comptrollers and Treasurers, Chair EAP Governance –Paula Arcioni, New Jersey Office of Information Technology, Chair –Roger Cochetti, CompTIA, Vice Chair

10 Workgroup on Business Requirements and Processes General Rights and Obligations –Credential Services Providers –Relying Parties Assessor Participation Agreements Process to Bind Participants to Business Rules Privacy and Fair Information Practices Enforcement and Recourse, including fines

11 Workgroup on Services Assessment Criteria, Levels of Assurance and Technical Interoperability Levels of Assurance Service Assessment Criteria (SAC) for use by Assessors –Common Organizational SAC –Identity Proofing SAC –Credential Management SAC Technical Interoperability –Components of interoperability –Options and recommendations for EAP adoption

12 Workgroup on Evaluation, Accreditation and Compliance Accreditation, Assessment and Certification –Accreditation of Assessors –Certification of Credential Service Provider Offerings –Process for Handling Non-Compliance –Acceptable Public Statements Regarding EAP Accreditation and Certification

13 Workgroup on EAP Governance Developed Charter – Approved September 2, 2004 Developing EAP Budget

14 Time Frames Remainder of 2004 –Election of Board and Officers –Adoption of First Set of Operating Rules 2005 – Earlier Adopters Phase –Revise Rules Based on Experience 2006 –Production Phase - Begin Full Scale Implementation

15 EAP Information Next Meeting: February 9, 2005 in DC –Come Join Us! –To Register: Web Site:

16


Download ppt "Helena Sims NACHA – The Electronic Payments Association Overview of The Electronic Authentication Partnership Tenth Federal & Higher Education PKI Coordination."

Similar presentations


Ads by Google