NASA PKI and the Federal Environment. 13th Fed-Ed PKI Meeting, 15 June ’06. Presenter: Tice DeYoung.

Presentation transcript:


Slide 2: Background
- eGov Act of 2002 established 24 applications in 4 areas
  - Government to Citizen
  - Government to Business
  - Government to Government
  - Internal Efficiency & Effectiveness
  - 25th, eAuthentication Initiative, cut across all four areas
    - Provides a consistent means to authenticate identity of users
- December OMB established 4 identity authentication assurance levels for eGov transactions
  - 1 Little or no assurance
  - 2 Some assurance
  - 3 High assurance
  - 4 Very High Assurance
- April-May NASA updated our PKI requirements
  - Extant requirements developed in 1997
  - Need to update for changing NASA environment
- June NIST provided technical requirements for each authentication level
  - 1 PINs
  - 2 Passwords
  - 3 PKI software
  - 4 PKI hardware

Slide 3: Background, cont.
- August Homeland Security Presidential Directive #12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors
  - Mandated NIST develop a Government-wide standard for secure and reliable forms of identification to be issued by the Federal Government to its employees and contractors
- September NASA decides to continue using Entrust as its PKI and outsource operations to the Department of the Treasury
- December OMB required agencies to use a Shared Service Provider (SSP)
- February NIST Federal Information Processing Standard (FIPS) 201: Personal Identity Verification for Federal Employees and Contractors (update draft March 2006)
  - Required a myriad of NIST Special Publications with guidance on different aspects of FIPS-201; , , , , A, B, ,
- August OMB required agencies to develop and submit an HSPD-12 implementation plan

Slide 4: FIPS-201 PKI Implications
- Mandates a PKI authentication certificate be on PIV 2 compliant smart card
- Mandates two-factor authentication for logical access to all agencies' computer and network resources
- Mandates PKI key sizes and digital signature algorithms
- Requires changes to the FPKI Common Policy Framework Certificate Policy

Slide 5: So What Does This Mean for the NASA PKI?
- NASA must provide PKI credentials to all employees and on-site (behind the firewall) contractors
  - NASA purchased 100,000 Entrust licences in March 2005
- Treasury must become an SSP if NASA wants to outsource our PKI operations to them
  - Treasury agrees and submits their application in April 2005
  - Treasury completes the process June 2006
- NASA must begin to provide background checks for all new employees and contractors by October 27, 2006
- NASA must begin to issue FIPS-201 PIV 2 compliant badges to all new employees and contractors by October 27, 2006
  - These badges must include a PKI authentication certificate
- NASA must have an approved HSPD-12 implementation plan
  - Submitted December 2005
  - OMB is asking agencies to update their plan by August 2006
- NASA must begin using two-factor authentication for all logical access to NASA resources

Slide 6: So What Does This Mean for the Federal PKI?
- FPKI Common Policy Changes
  - Need to include OIDs for new authentication certificate
  - Need to include requirements for availability of CAs
  - Need to include requirements for availability of CRLs
  - Need to change publication frequency for CRLs
  - Need to change encryption and digital signature key sizes
    - Increase from current 1024 bit RSA to 2048 bit by 1 January 2009
  - Need to change digital signature algorithm
    - Move from current SHA-1 to SHA-224 or SHA-256 by 1 January 2011
- Common Policy and FBCA Harmonization Required
  - One change will be agencies cross-certified with FBCA must assert the common policy OID beginning in 2008
- Forces agencies to make changes to their PKIs to comply
- Unclear whether or not an agency must be subordinate to Common Policy CP starting in 2008

Slide 7: Backup Slides

Slide 8: NIST 800 Series Related to FIPS 201
- Interfaces for Personal Identity Verification, March 2006 (updated April 20, 2006)
- Biometric Data Specification for Personal Identity Verification, February 2006
- Cryptographic Algorithms and Key Sizes for Personal Identity Verification, April 2005
- Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations, July 2005
- A PIV Card Application and Middleware Interface Test Guidelines (SP compliance), April 2006
- Draft B, PIV Data Model Conformance Test Guidelines, May 25, 2006
- Codes for the Identification of Federal and Federally-Assisted Organizations, October 2005 (document updated January 17, 2006)
- Draft SP PIV Card/Reader Interoperability Guidelines

Slide 9: NASA’s Relationship to the FBCA & Common Policy CA
[Diagram: Common Policy CA, Federal Bridge CA, Treasury Root CA (TRCA) and NASA Operational CA (NOCA), linked by two "Sub Authorized [subordinate reference]" relationships and two "Cross Certification [mutual or two-way reference]" relationships.]

Slide 10: NASA’s Original PKI Architecture
[Diagram labels: RA Operation, CA Operation, PKI Directory, FBCA Cross Certification, Policy, Tech Support, User & RA Software Testing & Distribution, Training, Documentation, SuperRA Service, PK Enabled Services, NASA]

Slide 11: NASA’s SSP PKI Architecture
[Diagram labels: Treasury, RA Operation, CA Operation, PKI Directory, FBCA Cross Certification, Policy, Tech Support, User & RA Software Testing & Distribution, Training, Documentation, SuperRA Service, PK Enabled Services, NASA]