Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.


Agenda
- Elements of US Federal Identity Federation
- Inward-facing and outward-facing elements
- Interfederation interoperability initiatives

The U.S. Federal Identity Framework IS:
A combination of policy and technology implemented to:
- Provide secure access to government physical and logical resources
- Provide secure mechanisms for citizens, businesses and other governments to transact business with the US Federal Government electronically

Implementation of U.S. Federal Identity Framework
- Feds and on-site contractors get Common PKI token and medium assurance digital certificates
- Common Policy and common token facilitate interagency interoperability
- AuthZ still a local responsibility
- Federal Bridge enables cross-Agency interoperability outside the Common Policy (for waived entities)

Foundation Elements of FIF
Policy-Driven
- FICC Identity Management Framework Document
- OMB M (LOA)
- NIST SP (Risk)
- U.S. Federal Common Policy Framework CP (PKI)
- Federal Bridge CA CP (PKI)
- E-Authentication Risk Assessment
- SmartCard Standards (GSIS-compliance)
- E-Authentication Credential Assessment Framework (CAF)

E-Authentication Full Operational Capability (FOC) Architecture for Clients and Business Partners
- Defines the way end users authenticate to online Agency Applications
- Based on external standards.. Conservatively
  - SAML 1.0 profiles currently
  - Liberty, Shibboleth, WS* SAML 1.x, 2.0 as COTS products become available
- Credential Services Providers (electronic identity credential issuers) evaluated for LOA using standard methodology (CAF)
- Supports all authentication technologies

Interfederation Interoperability Initiatives
- E-Authentication Partnership with private industry (next meeting October 25, 2004 in Broomfield, CO in conjunction with Digital ID World)
- E-Authentication – inCommon interoperability project to enable Shibboleth credentials to be used to access Agency Applications
- Discussions afoot to incorporate a Federal Shibboleth Federation into the E-Authentication FOC to enhance bidirectional interoperability (Federal credentials used to access inCommon services)
- I-CIDM (International Collaborative Identity Management) Bridge to Bridge Interoperability Work Group (PKI)

E-Authentication Partnership
The Electronic Authentication Partnership (EAP) is the multi-industry partnership working on the vital task of enabling interoperability among public and private electronic authentication (e-authentication) systems. Interoperability of e-authentication systems is essential to the cost-effective operation of safe and secure systems that perform essential electronic transactions and tasks across industry lines.

E-Authentication / inCommon Interoperability Project
Phases One and Two funded:
- Demonstrate technical interoperability between Shib and E-Auth FOC in the E-Auth Interoperability Lab
- Identify Policy and Practice convergence requirements for E-Auth and inCommon
- Contribute to the B2B (PKI) discussions hosted by I-CIDM

International Collaborative Identity Management (I-CIDM) Forum
- A Forum to clarify the current Federal policy and implementation of identity management (PKI) within and across collaborating organizations.
- The Society of British Aerospace Companies (SBAC), the UK Defence Manufacturers Association (DMA), and NACHA are also participating.
- Educate, assess and advise on CIDM policy, process and technology issues including strong identity management, data segregation management, PKI/PKE implementation, cross-certification, and commercial CA bridges.

Work to be Done
- Policy alignment – key is that there be policies in federations and that they address Levels of Assurance of Identity (LOA)
- Technical alignment – convergence on SAML 2.0 with and without X.509 digital certificates.

Sources MMeeting.cfm#purpose