United States Department of Justice Global Security Working Group Update Global Advisory Committee November 2, 2006 Washington, D.C.
United States Department of Justice Overview Global Federated Identity and Privilege Management (GFIPM) –Outcome—adopt Global Federated Identity and Privilege Management (GFIPM): A Technical Concept Report as a recognized resource New Wireless Security Resource –Outcome—adopt Applying Wireless Security Practices to Justice Information Sharing as a recognized resource for the field GSWG Technical Privacy Task Team –Takeaway—Global standards and specifications are under development for privacy GSWG Framework for Trusted Information Sharing –Takeaway—GSWG framework is evolving
United States Department of Justice Global Federated Identity and Privilege Management (GFIPM) Problem statement –How should local, state, tribal, and federal justice and public safety organizations exchange identity information across domains to support real-time sessions or transactions within a secure environment?
United States Department of Justice Lessons From the GFIPM Demonstration Project Sponsored by DOJ and DHS to demonstrate essential GFIPM concepts through test implementations Participants –Criminal Information Sharing Alliance Network (CISA) –Regional Information Sharing Systems ® (RISS) –Pennsylvania Justice Network (JNET)
United States Department of Justice Success from the Field -- JNET
United States Department of Justice Proposed GAC Resolution—GAC on Behalf of Global Recognizes GFIPM as the recommended scalable approach for development of interoperable security functions for authentication and privilege management for information exchange among cross-domain justice information sharing systems Adopts the Global Security Working Group’s “Global Federated Identity and Privilege Management (GFIPM): A Technical Concept Report” as a recommended resource for defining the next steps and activities to further the utility of GFIPM for the justice community Urges the members of the justice community to consider GFIPM as a potential building block to a distributed security solution when authenticating users between organizations
United States Department of Justice New Wireless Security Resource Outcome—adopt “Applying Wireless Security Practices to Justice Information Sharing” as a recognized resource for the field. –Available in CD format –Available at
United States Department of Justice Goal—Enable Justice Information Sharing and Protect Privacy
United States Department of Justice What Is the 500-lb Gorilla in the Information Sharing World? Is it security? Is it quality of data? Is it privacy? Is it disclosure? OR is it—All of the above
United States Department of Justice How Do We Go for the Goal? You need privacy and information quality policies to guide information sharing efforts for your agency or organization
United States Department of Justice Privacy Technology Focus Group— November 2005, Phoenix, Arizona
United States Department of Justice The Challenge for Focus Group Members Identify the most important issues in privacy policy and technology Narrow the focus to areas that can be addressed within the given time frame Outline tangible, targeted technology solutions Develop specific recommendations for action
United States Department of Justice The Focus Areas of the Group Access and authentication Data aggregation and dissemination Identity theft Personal safety and protection
United States Department of Justice Global Security Working Group (GSWG) Global Privacy and Information Quality Working Group (GPIQWG) Global Infrastructure/Standards Working Group (GISWG) What Happens Next?
United States Department of Justice Global Technical Privacy Task Team
United States Department of Justice GSWG Framework Security requirements drive framework GSWG work evolves from framework Available resources –Executive Summary –A Framework for Secure Justice Information Sharing