The Need for Trusted Credentials Information Assurance in Cyberspace Judith Spencer Chair, Federal PKI Steering Committee www.cio.gov/fpkisc.

1 The Need for Trusted Credentials Information Assurance in Cyberspace Judith Spencer Chair, Federal PKI Steering Committee www.cio.gov/fpkisc

2 Doing Business with the Public Today
- Face to Face
- Telephone
- Written Request
[Figure: sample state driver’s license for Jane Q. Smith, an IRS Form 1040 line item, and a handwritten signature]

3 Defining the Risk
[Diagram: factors (Privilege Management, Signature Required, Identity Verification Required, Identity Verification Not Required) with a Low Risk to High Risk axis and example transactions: General Information, Change Request, Benefits Application, Personal Information, Proprietary Information]

4 Are There Levels of Trust?
- No confidence is placed in the asserted real-world identity of the client or no real-world identity is asserted.
- On the balance of probabilities, the registrant’s real-world identity is verified.
- There is substantial assurance that the registrant’s real-world identity is verified.
- The registrant’s real-world identity is verified beyond reasonable doubt.
Courtesy of the UK Government, Office of the E-Envoy

5 Types of Evidence
- Personal statement.
  – Individual provides personal data about him/herself
- Documentary evidence.
  – Individual provides collateral documents to confirm the information provided.
- Third party corroboration.
  – A trusted entity that can confirm information provided.
- Biometrics.
  – Physical evidence tying individual to the asserted identity.
- Existing relationship.
  – Individual’s previous interactions with the registration agent (e.g. bank customer).
Courtesy of the UK Government, Office of the E-Envoy

6 Doing Business with the Public Tomorrow
Statutory Requirement to offer an electronic option: Government Paperwork Elimination Act, October 1998
  – Commitment to on-line government
  – Public electronic access by October 2003
... A signature may not be denied legal effect simply because it is electronic ...

7 Your Choices
- Automated Telephone Interaction
- E-mail interaction
- Web services

8 Today’s E-Government Requirements
- Government agencies need to innovate at an ever increasing pace
- E-Government success requires broad interoperability
  – Within an enterprise
  – Between business partners
  – Across a heterogeneous set of platforms, applications, and programming languages
- Internet technologies are assumed, Interoperability is required
  – E-Government platforms enable more rapidly developed interoperability

9 But... Without trust and security Web Services are dead on arrival

10 Facets of Building Trust
Facet: Description
Identification: Who are you?
Authentication: How do I know you are who you claim to be?
Authorization: Are you allowed to perform this transaction?
Integrity: Is the data you sent the same as what I received?
Confidentiality: Are we sure no one else read the data you sent?
Auditing: Record of transactions to assist in looking for security problems?
Non-repudiation: Can you prove the sender sent it, and the receiver received the identical transaction?
Thanks to Karl Best, Director of Technical Operations, OASIS

12 But... What About Identity Assurance in Cyberspace?
- No Physical Presence
- No Photo ID
- No Physical Document with Signature
- No Human Voice

13 A Few Facts
- The Internet is perceived as being inherently anonymous
- In order to conduct trusted transactions, we must know with whom we are dealing
- Knowledge must be within reasonable risk limits
- Trusted electronic credentials provide the means to link an asserted identity in the electronic medium to physical credentials

14 Preconditions for Credential ‘Trustworthiness’
- Unique to the person using it
- Under the sole control of the person using it
- Capable of verification
- Credential Pedigree
  – Institutional Standing of the Provider
  – Governance
  – Establishment of Identity
  – Credential Control

15 E-Authentication Will:
- Evaluate Electronic Credential Providers
- Apply a common set of universally understood Assurance Levels
- Provide a tool for performing Risk Assessment
- Interact with FirstGov portal and Agency business processes to broker identity assurance
- Provide the public with a single sign-on capability and a common interface for doing electronic transactions with government through the Gateway

16 Assessing the Need
- Perform Transaction-level Risk Assessment on your e-Government process
- Review OMB e-Authentication Guidance
- Choose the e-Authentication assurance level that meets your needs
Then
- Work with the e-Authentication team to ensure Gateway interoperability

17 Thank You For Your Time & Attention

