Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

Published byMelinda Wood Modified over 7 years ago

Similar presentations

Presentation on theme: "The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication."— Presentation transcript:

1 The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication Initiative

2 2 The Starting Place : Key Policy Points  No National ID.  No National unique identifier.  No central registry of personal information, attributes, or authorization privileges.  Different authentication assurance levels are needed for different types of transactions.

3 3 The E-Authentication Initiative E-Authentication Goals  Build and enable mutual trust needed to support wide spread use of electronic interactions between the public and Government, and across Governments  Minimize the burden on public when obtaining trusted electronic services from the Government, and across the governments  Deliver common interoperable authentication solutions, appropriately matching the levels of risk and business needs

4 4 The E-Authentication Initiative eAuthentication Technical Approach E-Authentication Mission OMB-04-04 e-Authentication Guidance for Federal Agencies NIST Spec Pub 800-63 Recommendation for Electronic Authentication Strategic Business & Finance Plans E-RA, PIA, and C &A reviews Accredited CSP Trust List CAF SAMLPKI Other Tech Specs E-Authentication Key Building Blocks Adopted Federated Identity Schemes

5 5 The E-Authentication Initiative Governments Federal States/Local International Higher Education Universities Higher Education PKI Bridge Healthcare American Medical Association Patient Safetty Institute Travel Industry Airlines Hotels Car Rental Trusted Traveler Programs Central Issue with Federated Identity – Who do you Trust? E-Commerce Industry ISPs Internet Accounts Credit Bureaus eBay Trust Network Financial Services Industry Home Banking Credit/Debit Cards Absent a National ID and unique National Identifier, the e-Authentication initiative will establish trusted credentials/providers at determined assurance levels.

6 6 The E-Authentication Initiative The Need for Federated Identity Trust and Business Models  Technical issues for sharing identities are being solved  Trust is critical issue for deployment of federated identity Federated ID networks have strong need for trust assurance standards How robust are the identity verification procedures? How strong is this shared identity? How secure is the infrastructure?  Common business rules are needed for federated identity to scale N 2 bi-lateral trust relationships is not a scalable business process Common business rules are needed to define: Trust assurance and credential strength Roles, responsibilities, of CSPs and relying parties Liabilities Business relationship costs  Federal e-Authentication Initiative will provide trust framework to integrate (policy, technology, business relationships) across disparate and independent identity systems

7 7 The E-Authentication Initiative Authentication Assurance Levels M-04-04:E-Authentication Guidance for Federal Agencies establishes 4 authentication assurance levels NIST SP800-63 Electronic Authentication NIST technical guidance to match technology implementation to a level Level 4Level 3Level 2Level 1 Little or no confidence in asserted identity (e.g. self identified user/password) Some confidence in asserted identity (e.g. PIN/Password) High confidence in asserted identity (e.g. digital cert) Very high confidence in the asserted identity (e.g. Smart Card)

8 8 The E-Authentication Initiative OMB Authentication Guidance  M-04-04 Signed by OMB Director on 12/16/2003  Supplements OMB Guidance on implementation of GPEA  Establishes 4 identity authentication assurance levels  Requires agencies to conduct “e-authentication risk assessments” Result: A more consistent application of electronic authentication across the Federal Government

9 9 The E-Authentication Initiative NIST SP 800-63: Recommendation for Electronic Authentication  Maps to OMB E-Authentication guidance  Covers conventional token based remote authentication May be additional guidance on “knowledge based authentication”  Draft for comment at: http://csrc.nist.gov/eauthhttp://csrc.nist.gov/eauth  Comment period ends: March 15

10 10 The E-Authentication Initiative Part of a Larger Policy Framework Federal Identity Credentialing Component Credential Assessment Framework Federal PKI Bridge Certificate Policy NIST Authentication Technical Guidance E-Authentication Guidance for Federal Agencies FINAL: OMB M-04-04, December 16, 2003 SP800-63, Out for Comment Jan 29, 2004, Expected Final April 2004 Expected final March 04 Interim version now final and Posted on Web Policies Ongoing

11 11 The E-Authentication Initiative e-Authentication Trust Model for Federated Identity 3. Establish technical assurance standards for e-credentials and credential providers (NIST Special Pub 800-63 Authentication Technical Guidance) 1. Establish e-Authentication risk and assurance levels for Governmentwide use (OMB M-04-04 Federal Policy Notice 12/16/03) 4. Establish methodology for evaluating credentials/providers on assurance criteria (Credential Assessment Framework) 2. Establish standard methodology for e-Authentication risk assessment (ERA) 5. Establish trust list of trusted credential providers for govt-wide (and private sector) use 6. Establish common business rules for use of trusted 3rd-party credentials

12 12 The E-Authentication Initiative Credential Assessment Profiles (CAPS Credential Assessment Profiles (CAPS The CAF Suite for Assessing Credentials Credential Assessment Profiles (CAPS Credential Assessment Profiles (CAPS Credential Assessment Guide (CAG) Credential Assessment Framework (CAF) PINs PASSWORDS PKI Based on OMB policy and NIST Technical guidance, the CAF establishes the structured means for providing assurances to Federal agencies regarding the veracity and dependability of identity credentials and tokens. The CAF provides structured procedures for conducting the assessment of CSPs and credentials. The CAPs establish the assessment criteria for each type of credential technology (e.g., PIN, password, PKI).

13 13 The E-Authentication Initiative e-Authentication Trust and Interoperability The e-Authentication Initiative acts as Trust Broker to provide Trust Assurance services for Fed Agencies Manages relations among Agency Applications (relying parties) and Credential Service Providers (issuers) Administers Authentication policy Framework Establishes and administers common business rules for the relationships among the parties Administers common interface specs Performs credential assessments Authorizes CSPs on trust list according to standardized assurance levels Provides C & A and regular audit & ensures compliance Trust Broker CSP AA CSP AA Common Policies & Business Rules Common Interface Specs Policy, Technical, & Business Interoperability

14 14 The E-Authentication Initiative The Need for the Electronic Authentication Partnership State/Local Governments Industry Policy Authentication Assurance levels Credential Profiles Accreditation Business Rules Privacy Principles Technology Adopted schemes Common specs User Interfaces APIs Interoperable COTS products Authz support Federal Government Commercial Trust Assurance Services Policy, Technical, & Business Interoperability Common Business and Operating Rules CSP RP http://www.eapartnership.org/

15 15 The E-Authentication Initiative For More Information Phone E-mail David Temoshok 202-208-7655david.temoshok@gsa.gov Websites http://cio.gov/eauthentication http://www.eapartnership.org/ http://cio.gov/fpkipa

Download ppt "The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication."

Similar presentations

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.

Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.

HIMSS/GSA E-Authentication Initiative A Pilot Project of the HIMSS RHIO Federation HIMSS Public Policy Forum September 28, 2006 Mary Grizkewicz, HIMSS.
The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,
1 Enabling Open Government Using the OIDF/ICF Open Trust Framework OASIS Identity Management 2009 September 29, 2009 Don Thibeau, ED, OpenID Foundation.

1 Enabling Open Government Using the OIDF/ICF Open Trust Framework OASIS Identity Management 2009 September 29, 2009 Don Thibeau, ED, OpenID Foundation.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.

1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
E-Authentication: Creating an Environment of Trust David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy The E-Authentication.

E-Authentication: Creating an Environment of Trust David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy The E-Authentication.
The E-Authentication Initiative: A Status Report Presented at Educause Meeting June 16, 2004 The E-Authentication Initiative.

The E-Authentication Initiative: A Status Report Presented at Educause Meeting June 16, 2004 The E-Authentication Initiative.
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
Federated Identity and Interoperability: Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide.

Federated Identity and Interoperability: Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide.
Federal Requirements for Credential Assessments Renee Shuey ITS – Penn State February 6, 2007.

Federal Requirements for Credential Assessments Renee Shuey ITS – Penn State February 6, 2007.
Policy, Trust and Technology Mitigating Risk in the Digital World David L. Wasley Camp 2006 © David L. Wasley, 2006.

Policy, Trust and Technology Mitigating Risk in the Digital World David L. Wasley Camp 2006 © David L. Wasley, 2006.

Similar presentations

Ads by Google