Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.


1 Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority

2 Agenda
- Current state of the Federal PKI
- Bridge-to-Bridge Update
- FIPS 201 and Chicken Little
  - Pending Issues
  - Why this matters to You

3 Simplified Diagram of Federal PKI
[Diagram; labels: Federal Bridge CA; C4 CA; E-Gov CAs (3); Common Policy CA; Cross-Certified gov PKIs; Cross-Certified External PKIs; ?; eAuth CSPs; Shared Service Provider PKIs (Common Policy OID and root cert)]

4 Federal PKI: Summary
- No architectural changes in last 6 months – stable
- Closure near on path discovery/path validation tools and services
- Cross-certification approved with first commercial partner – Wells Fargo Bank, and near with Boeing
- New Federal Bridge CP adopted in RFC 3647 format incorporating Medium Hardware LOA
- New Federal Certificate Profile adopted requiring populating AIA or SIA fields
- Most of the work diverted to HSPD-12 implementation

5 Federal PKI: Shared Service Provider Update
- New High Assurance Policy for Common Policy CA approved
- One new Shared Service Provider approved and two others in process
- No new self-signed Agency PKIs allowed unless waiver granted from OMB.

6 Federal PKI and EAuthentication
- PKI required for Levels 3 & 4
- EAuth management still clueless about integrating PKI into operational vision
- Therefore, focusing on LOA 1 & 2 with SAML as transport

7 Bridge to Bridge Update
- Policy roadblock (citizenship of trusted operators) surmounted by creating "commercial best practice" policies at Medium and Medium Hardware LOA
- FBCA reserves High Assurance cross-certification for governments only
- SAFE bridge (pharmaceutical) operational
- Certipath bridge (aerospace) open for business before 12/31 – already in technical interoperability testing with FBCA
- HEBCA aiming for Medium Hardware cross-certification with FBCA; USHER aiming for ??

8 FIPS 201 and Chicken Little
- FIPS 201 mandates both identity proofing standards and PKI on a SmartCard for all feds and inside contractors
- Identity Proofing standard required 10/05 of ALL federal agencies; security checks of all new hires; over next 12 months, security checks of all employees and contractors. Huge $$ and bottlenecks expected.
- SmartCard standards in place but incomplete. No products yet available. Middleware also playing catch-up. Both promised for 2Q06.
- Agencies stunned and busy playing catch-up with little money to implement.
- Meteorologists predict a blast of hot air followed by a blizzard of meaningless but expensive paper.
- A blessed few will succeed, making everybody else look inept.
- Blame will be spread wide.

9 Discussion

