Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Slides:

Advertisements

Similar presentations

PKI Strategy PKI Requirements Standard –Based on e-MARC or other Certificate Policy Statements –Specify key aspects that must be met by CA Cert format.

Advertisements

PKI deployment in the Aerospace Industry

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Federal PKI Architecture Update

Ongoing Efforts to Build The US Federal PKI Bridge

SAFE-BioPharma Association NSTIC Day How does industry drive forward.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

Copyright Judith Spencer This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

NIH – EDUCAUSE PKI Interoperability Pilot Update Peter Alterman, Ph.D. Director of Operations, Office of Extramural Research, NIH and Senior Advisor to.

Federal Electronic Identity Initiatives – Current Status Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO for E-Authentication,

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael.

The U.S. Federal PKI and the Federal Bridge Certification Authority

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

NIH-EDUCAUSE Interoperability Project, Phase 3: Fulfilling the Promise Dartmouth PKI Implementation Workshop Peter Alterman, Ph.D. Assistant CIO for E-Authentication.

HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl

The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee.

The U.S. Federal PKI, 2004: Report to EDUCAUSE Peter Alterman, Ph.D. Assistant CIO for E-Authentication National Institutes of Health.

1 Digital Credential for Higher Education John Gardiner August 11, 2004.

Bridge-to-Bridge Working Group (BBWG) Debb Blanchard, Cybertrust EDUCAUSE Federal and Higher Education PKI Coordination Meeting June 16, 2005 The Fairmont.

PKI: Glue of Middleware Michael R Gettes, Duke University CAMP Enterprise Authentication Michael R Gettes, Duke University CAMP Enterprise Authentication.

1 PKI & USHER/HEBCA Fall 2005 Internet2 Member Meeting Jim Jokl September 21, 2005.

The Evolving U.S. Federal PKI Richard Guida Chair, Federal PKI Steering Committee Federal Chief Information Officers Council

E-Authentication: The Need for Public and Private Sector Trust David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Digital Signatures A Brief Overview by Tim Sigmon April, 2001.

The NIH PKI Pilots Peter Alterman, Ph.D. … again.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Update on PKI Activities in the Spanish Academic Network PKI-COORD November 26, Amsterdam.

PKI and the U.S. Federal E- Authentication Architecture Peter Alterman, Ph.D. Assistant CIO for e-Authentication National Institutes of Health Internet2.

Internet2 Middleware PKI: Oy-vey! Michael R. Gettes Principal Technologist Georgetown University

Government-University Identity Management Opportunities Peter Alterman, Ph.D. Chair, U.S. Federal PKI Policy Authority and Assistant CIO/E-Authentication,

The Federal Bridge A Brief Overview 1. 4BF Industry Forum April Fed PKI: View from 20,000 km FBCA C4 Common Policy CA (HSPD-12) CertiPath SSPs.

I-CIDM Bridge to Bridge Working Group (BBWG) Purpose and Activities Fed-Ed Meeting The Fairmont Hotel Washington, DC December 14, 2004 Debb Blanchard Enspier.

The Federal PKI Or, How to Herd Worms Peter Alterman Senior Advisor, Federal PKI Steering Committee.

Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

The Feds and Shibboleth Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health.

Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001.

Higher Ed Bridge CA Extending Trust Across Higher Education - And Beyond David L. Wasley University of California.

Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Overview of US PKI Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council

Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

National Institutes of Health Interfederation Initiatives Peter Alterman, Ph.D. Assistant CIO for e-Authentication.

Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.

Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.

Higher Education Bridge Certification Authority Scaleable Linking of PKI trust domains Scaleable Linking of PKI trust domains David L. Wasley Fall 2006.

Interoperability and the Evolving Federal PKI Richard Guida, P.E. Member, Government Information Technology Services Board Chair, Federal PKI Steering.

1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.

Federal Identity Management Overview and Current Status Dr. Peter Alterman, Chair Federal PKI Policy Authority.

Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.

EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.

PKI deployment in the Aerospace Industry

U.S. Federal e-Authentication Initiative

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Overview of US PKI Peter Alterman, Ph.D.

Technical Approach Chris Louden Enspier

Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.

Presentation transcript:

Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority

Agenda Current state of the Federal PKI Bridge-to-Bridge Update FIPS 201 and Chicken Little –Pending Issues –Why this matters to You

Simplified Diagram of Federal PKI Federal Bridge CA C4 CA E-Gov CAs (3) Common Policy CA Cross- Certified gov PKIs Cross- Certified External PKIs ? eAuth CSPs Shared Service Provider PKIs (Common Policy OID And root Cert)

Federal PKI: Summary No architectural changes in last 6 months – stable Closure near on path discovery/path validation tools and services Cross-certification approved with first commercial partner – Wells Fargo Bank, and near with Boeing New Federal Bridge CP adopted in RFC 3647 format incorporating Medium Hardware LOA New Federal Certificate Profile adopted requiring populating AIA or SIA fields Most of the work diverted to HSPD-12 implementation

Federal PKI: Shared Service Provider Update New High Assurance Policy for Common Policy CA approved One new Shared Service Provider approved and two others in process No new self-signed Agency PKIs allowed unless waiver granted from OMB.

Federal PKI and EAuthentication PKI required for Levels 3 & 4 EAuth management still clueless about integrating PKI into operational vision Therefore, focusing on LOA 1 & 2 with SAML as transport

Bridge to Bridge Update Policy roadblock (citizenship of trusted operators) surmounted by creating “commercial best practice” policies at Medium and Medium Hardware LOA FBCA reserves High Assurance cross-certification for governments only SAFE bridge (pharmaceutical) operational Certipath bridge (aerospace) open for business before 12/31 – already in technical interoperability testing with FBCA HEBCA aiming for Medium Hardware cross-certification with FBCA; USHER aiming for ??

FIPS 201 and Chicken Little FIPS 201 mandates both identity proofing standards and PKI on a SmartCard for all feds and inside contractors Identity Proofing standard required 10/05 of ALL federal agencies; security checks of all new hires; over next 12 months, security checks of all employees and contractors. Huge $$ and bottlenecks expected. SmartCard standards in place but incomplete. No products yet available. Middleware also playing catch- up. Both promised for 2Q06. Agencies stunned and busy playing catch-up with little money to implement. Meteorologists predict a blast of hot air followed by a blizzard of meaningless but expensive paper. A blessed few will succeed, making everybody else look inept. Blame will be spread wide.

Discussion