Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Slides:



Advertisements
Similar presentations
NIH-EDUCAUSE PKI Interoperability Project Electronic Grant Application With Multiple Digital Signatures Peter Alterman, Ph.D. Director of Operations Office.
Advertisements

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.
1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Program Managers Forum
Federal PKI Architecture Update
Ongoing Efforts to Build The US Federal PKI Bridge
SAFE-BioPharma Association NSTIC Day How does industry drive forward.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
Federal Electronic Identity Initiatives – Current Status Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO for E-Authentication,
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Federal Approach to Electronic Credentials For services to citizens, businesses, other governments, and employees Mary J. Mitchell Office of Electronic.
1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.
The U.S. Federal PKI and the Federal Bridge Certification Authority
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
The 4BF The Four Bridges Forum Higher Education Bridge Certificate Authority.
Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.
NIH-EDUCAUSE Interoperability Project, Phase 3: Fulfilling the Promise Dartmouth PKI Implementation Workshop Peter Alterman, Ph.D. Assistant CIO for E-Authentication.
Intra-ASEAN Secure Transactions Framework Project Progress Report
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee.
The U.S. Federal PKI, 2004: Report to EDUCAUSE Peter Alterman, Ph.D. Assistant CIO for E-Authentication National Institutes of Health.
©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments “Another.
Bridge-to-Bridge Working Group (BBWG) Debb Blanchard, Cybertrust EDUCAUSE Federal and Higher Education PKI Coordination Meeting June 16, 2005 The Fairmont.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
The Evolving U.S. Federal PKI Richard Guida Chair, Federal PKI Steering Committee Federal Chief Information Officers Council
E-Authentication: The Need for Public and Private Sector Trust David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.
PKI and the U.S. Federal E- Authentication Architecture Peter Alterman, Ph.D. Assistant CIO for e-Authentication National Institutes of Health Internet2.
Government-University Identity Management Opportunities Peter Alterman, Ph.D. Chair, U.S. Federal PKI Policy Authority and Assistant CIO/E-Authentication,
Credentialing in Higher Education Michael R Gettes Duke University CAMP, June 2005, Denver Michael R Gettes Duke University
The Federal Bridge A Brief Overview 1. 4BF Industry Forum April Fed PKI: View from 20,000 km FBCA C4 Common Policy CA (HSPD-12) CertiPath SSPs.
I-CIDM Bridge to Bridge Working Group (BBWG) Purpose and Activities Fed-Ed Meeting The Fairmont Hotel Washington, DC December 14, 2004 Debb Blanchard Enspier.
TAGPMA & the Bridge WG (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Activities and Applications Update - Chicago, IL.
Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009.
The Federal PKI Or, How to Herd Worms Peter Alterman Senior Advisor, Federal PKI Steering Committee.
NIST E-Authentication Technical Guidance Bill Burr Manager, Security Technology Group National Institute of Standards and Technology
E-Authentication Overview & Technical Approach Scott Lowery Technical Track Session.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
The Feds and Shibboleth Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health.
Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.
1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.
Higher Ed Bridge CA Extending Trust Across Higher Education - And Beyond David L. Wasley University of California.
Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council
Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
National Institutes of Health Interfederation Initiatives Peter Alterman, Ph.D. Assistant CIO for e-Authentication.
Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.
Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.
Interoperability and the Evolving Federal PKI Richard Guida, P.E. Member, Government Information Technology Services Board Chair, Federal PKI Steering.
1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.
Federal Identity Management Overview and Current Status Dr. Peter Alterman, Chair Federal PKI Policy Authority.
Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.
EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.
Grids & PKI: TAGPMA & Bridges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.
U.S. Federal e-Authentication Initiative
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Technical Approach Chris Louden Enspier
Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.
Inter-institutional Trust Fabric Overview and Synergies
Australian PKI experience
Presentation transcript:

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority

2 Agenda Definitions Federal PKI LOA and Federal PKI Policies Mapping LOA in a Bridged Environment EAuthentication LOA and a word about technologies Relationship Between FPKI LOA and EAuthentication LOA A footnote on the E-Authentication Partnership LOA

3 Definition Levels of Assurance of identity (LOA): the extent to which an electronic identity credential may be trusted to actually represent that the individual named in the credential is the same person engaging in the electronic transaction with the application, service or relying party. Based upon two categories: trustworthiness of identity proofing process and trustworthiness of credential management function (includes technology and implementation/management).

4 Federal PKI Federal Bridge CA Common Policy Framework CA Citizen and Commerce Class Certificate (C4) CA EAuthentication 1 & 2 CA

5 Federal PKI LOA: FBCA Five LOA 1.Rudimentary 2.Basic 3.Medium 4.Medium Hardware 5.High Seven Policies 1.Rudimentary 2.Basic 3.Medium 4.Medium-cbp 5.Medium Hardware 6.Medium Hardware- cbp 7.High

6 Federal PKI LOA: Common Policy Framework Federal PKI LOA: Common Policy Framework Three LOA 1.Medium 2.Medium Hardware (implied) 3.High (pending) For Federal Agency Use Only After 10/2006, Medium goes away, leaving two LOA in the Common Policy Framework CP Cross-certified with FBCA at Medium, Medium Hardware (in process) and High (pending)

7 FPKI LOA: C4 Citizen and Commerce Class Certificate Does not map to any other LOA scheme in Federal PKI Maps to EAuthentication Level 2 or 1, depending on identity proofing process Temporary – 6 months or Permanent

8 FPKI LOA: EAuthentication 1 and 2 Issues TLS certificates to Credential Service Provider servers issuing EAuthentication Levels 1 and 2 electronic identity credentials Purpose is for mutual authentication of TLS session between agency application or EAuthentication service and Credential Service Provider to validate credentials presented during egov transactions No mapping to FBCA

9 FPKI LOA: Policy Issues Non-government PKIs may operate at High Assurance but FPKI will not cross-certify any non-government PKI higher than Medium Hardware/Medium Hardware-cbp –Requirement imposed to satisfy international trade policy exclusions FPKI considers Medium and Medium-cbp equivalent FPKI considers Medium Hardware and Medium Hardware-cbp equivalent

10 EAuthentication LOA From OMB M Four Levels –Levels 1 and 2 are assertion-based, e.g., userid/password, etc. but may include crypto- based credentials depending on identity proofing and security implementations –Levels 3 and 4 are crypto-based, e.g., PKI, distinguished by identity proofing and security implementations.

11 LOA Mapping: E-Auth to Fed PKI E-Auth Level 1 E-Auth Level 2 E-Auth Level 3 E-Auth Level 4 FPKI Rudimentary; C4 FPKI Medium/HW & Medium/HW-cbp FPKI Basic FPKI Medium & Medium-cbp FPKI High (government only)

12 E-Authentication Partnership LOA Proposed for commercial implementations operating under proposed EAP rules (pending) Mirror US Federal EAuthentication LOA –Level 1 / Minimal Assurance –Level 2 / Moderate Assurance –Level 3 / Substantial Assurance –Level 4 / High Assurance

13 Questions? Discussion?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.