Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005.

Published byRudolph Little Modified over 8 years ago

Similar presentations

Presentation on theme: "Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005."— Presentation transcript:

1 Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005

2 Confidential and Proprietary 1 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Introduction Guidance for credentialing managers, their leadership, implementation teams, and other stakeholders as they pursue compliance with HSPD 12. Provides specific implementation direction on course of action, business & policy, schedule requirements, acquisition planning, migration planning, lessons learned, and case studies and implementation tools. A collaborative effort: The Federal Identity Credentialing Committee (FICC) Smart Card Interagency Advisory Board (IAB) Federal PKI Authority (FPKIA) Office of Management and Budget (OMB) National Institute for Standards and Technology (NIST) U.S. Department of Defense Smart Card Alliance Many other contributors

3 Confidential and Proprietary 2 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Organization Information Flow is similar to FIPS 201 with some key differences Major Sections Include 1.0 Introduction 2.0 PIV I – Common Identification, Security and Privacy Requirements 3.0 PIV - Validation Certification & Accreditation 4.0 PIV II – Front End Sub-System 5.0 Implementation Planning Appendix – Tools and References Primary Flow of PIV I and PIV II Sections Description Mandatory Requirements Optional Items Implementation Recommendations Idea and Suggestions Summary

4 Confidential and Proprietary 3 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Organization (Continued) Additional Guidance Meant to be all-inclusive and informative – but not too technical A “living” document with plans for regular update OMB Guidance & FAQ’s Agency Plan Template Implementation Roadmap Migration Planning Acquisition Planning Lesson’s Learned Case Studies Tools & Illustrations Useful Index Common Thread – Education, Training & Awareness

5 Confidential and Proprietary 4 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Implementation Plan Template

6 Confidential and Proprietary 5 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Implementation Roadmap Making the best use of the information Recognizes that all Agencies are at different starting points Provides a sample implementation path (how to get started) 1.Gain a clear understanding of your agency’s current access control policies 2.Reach agreement on future policy as it pertains to HSPD-12. This is key because these policies will drive your requirements 3.Involve the primary Agency Stakeholders in the process 4.Establish a list of objectives your agency wants to achieve while meeting the directive 5.Using the policy decisions develop an initial list of requirements. 6.Communication, Training & Awareness

7 Confidential and Proprietary 6 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Migration Planning

8 Confidential and Proprietary 7 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Sample Organization

9 Confidential and Proprietary 8 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Acquisition Planning Identifying Resource Requirements Change Management Identifying Potential Funding Streams Current Procurement Methods GSA Smart Card Contract Vehicle GSA Schedules Aggregated buy Acquisition Stakeholders

10 Confidential and Proprietary 9 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Acquisition Planning (Continued) Major Components of an Identity Management System

11 Confidential and Proprietary 10 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Anticipating Costs

12 Confidential and Proprietary 11 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Acquisition Planning (Continued) Agency Sponsorship Shared Service Providers Acquisition Planning Template (Appendix A) Statement of Need Background Acquisition Alternatives Life Cycle Costs Delivery Requirements Performance Period Risks as Identified in the OMB Agency Plan

13 Confidential and Proprietary 12 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Lessons Learned & Case Studies Lesson’s Learned Implementation Management Stakeholder Involvement System Design User Training Pre-Issuance Post-Issuance Case Studies Department of State Department of Interior Department of Homeland Security

14 Confidential and Proprietary 13 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Tools Sample PIV Request Form

15 Confidential and Proprietary 14 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Tools Implementation Checklist

16 Confidential and Proprietary 15 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Tools

17 Confidential and Proprietary 16 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Schedule Released for Public Comment Feb Comment Period Closed Mar Comments Incorporated Apr Revision submitted to FICC for Review & Comment Addition of OMB Guidance & Revised Agency Plan Template Planned Updates Conformance Testing Certification & Accreditation Reference Implementation End-User Training GSA Acquisition Services Agency Sponsorship NIST Special Technical Pubs Section 508 (Disabilities Act)

18 Confidential and Proprietary 17 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. References  Supporting Publications  SP 800-73 – Interfaces for Personal Identity Verification (card interface commands and responses)  SP 800-76 – Biometric Data Specification for Personal Identity Verification  SP 800-78 –Cryptographic Algorithms and Key Sizes for Personal Identity Verification  NIST PIV Website (http://csrc.nist.gov/piv-project/)  Documents  Frequently Asked Questions (FAQs)  Comments Received in Original Format  FICC Website (CIO.Gov/FICC)  Identity Management Handbook  Smart Card Handbook

19 Confidential and Proprietary 18 © 2005 BearingPoint, Inc. All trademarks are property of their respective owners. Contact Ralph Billeri BearingPoint Inc. 1725 Duke St. Suite 700 Alexandria, VA 22314 ralph.billeri@bearingpoint.com 703 519-2314

Download ppt "Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005."

Similar presentations

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.
Intro. Website Purposes  Provide templates and resources for developing early childhood interagency agreements and collaborative procedures among multiple.

Intro. Website Purposes  Provide templates and resources for developing early childhood interagency agreements and collaborative procedures among multiple.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.
Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.

1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.
Department of Health and Human Services Personal Identity Verification Training APPLICANT.

Department of Health and Human Services Personal Identity Verification Training APPLICANT.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)
SMALL BUSINESS PLAN GUIDE

SMALL BUSINESS PLAN GUIDE
1 Executive Office of Public Safety. 2 National Incident Management System.

1 Executive Office of Public Safety. 2 National Incident Management System.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.
PIV Data Model Testing Ketan Mehta March 3, 2006.

PIV Data Model Testing Ketan Mehta March 3, 2006.
Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.

Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Centers for IBM e-Business Innovation :: Chicago © 2005 IBM Corporation IBM Project October 2005.

Centers for IBM e-Business Innovation :: Chicago © 2005 IBM Corporation IBM Project October 2005.
Department of Economic Opportunity WelcomeTo Contract Review Form Training.

Department of Economic Opportunity WelcomeTo Contract Review Form Training.

Similar presentations

Ads by Google