Presentation is loading. Please wait.

Presentation is loading. Please wait.

Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda.

Published byElinor Griffith Modified over 9 years ago

Similar presentations

Presentation on theme: "Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda."— Presentation transcript:

1

2 Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda

3 Analyzed full set of FICAM TFS v2 requirements Looked at LOA1 to LOA4 Focused only on SAML identity scheme Componentized FICAM in conjunction with NIEF Primary objective is maximal reuse of components Identified 41 total FICAM components (trustmarks) 30 pertain to FICAM SAML IDPs Others pertain to FICAM RPs and BAE endpoints 32 can be reused within NIEF now Componentization of FICAM TFS

4 List of FICAM TFS SAML IDP Trustmarks

5 FICAM LOA1 SAML IDP TIP FICAM LOA2 SAML IDP TIP FICAM Non-PKI LOA3 SAML IDP TIP FICAM LOA4 SAML HoK IDP TIP Organizational Trustmarks2 (common) LOA-Specific ID Trust Trustmarks1661 Privacy Trustmarks15 (common) Crypto Mgmt. Trustmarks3 (common) SAML Interop. Trustmarks4 (common)5 Attribute Profile Trustmarks1 (common) Required Trustmarks1119 16 Optional Trustmarks1221 Total Trustmarks1221 17 Some Stats…

6 NIEF Trustmark Count82 Trustmarks Needed for GTRI Pilot63 FICAM Trustmark Count41 NIEF/FICAM Trustmark Overlap Count32 Trustmarks Related to Security & Resilience52 Trustmarks Related to Privacy21 Trustmarks Related to Interoperability48 Trustmarks Related to Cost-Effectiveness & Ease of Use7 Total Trustmarks Identified (so far)107 FICAM Stats in Context

7 A Sample Trustmark Definition (Partial Screen Shots of Components)

8 Trustmark Assessment Tool Process Flow Trustmark Assessment Tool Database Trustmark Assessment Tool FICAM LOA 2 Authn Process TD FICAM LOA 2 Authn Process TD Trustmark Provider Trustmark Recipient Trustmark Definitions 1. Load TDs into Assessment Tool 2. Receive request for trustmark from Trustmark Recipient candidate 3. Perform assessment of Trustmark Recipient candidate 4. Store assessment artifacts / evidence in database 5. Issue trustmark to Trustmark Recipient

9 Sample Screen Shot from GTRI Trustmark Assessment Tool

10 NIEF Trustmark Issuance Process Flow NIEF Trust Fabric Registry NIEF Trust Fabric Registry NIEF Trustmark Assessment Processes Trustmark 1 Trustmark 2 Trustmark N NIEF Trust Fabric Entry Trustmark 1 Trustmark 2 Trustmark N Signed by NIEF NIEF Member Agency (Trustmark Recipient) NIEF Member Agency (Trustmark Recipient) Trustmark Assessment Tool Trust Fabric Entry Editor Trust Fabric Registry Manager Tool

11 NIEF Trustmark Usage Process Flow NIEF Trust Fabric Registry NIEF Trust Fabric Registry Trustmark Relying Party 1. Query for trust fabric entries with required trustmarks, in accordance with local TIP Trust Interoperability Profile 2. Receive matching trust fabric entries 3. Install entries in local product

12 Questions?

Download ppt "Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda."

Similar presentations

Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.

Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…

From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…
Step Up Authentication in SAML (and XACML) Hal Lockhart February 6, 2014.

Step Up Authentication in SAML (and XACML) Hal Lockhart February 6, 2014.
1 1 GFIPM Enabling Federated Identity and Single Sign-on John Ruegg LA County Information Systems Advisory Body June 11, 2014.

1 1 GFIPM Enabling Federated Identity and Single Sign-on John Ruegg LA County Information Systems Advisory Body June 11, 2014.
TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1.

TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.
Transport and Security Standards Work Group New Directions In Identity Paul Grassi Senior Standards and Technology Advisor.

Transport and Security Standards Work Group New Directions In Identity Paul Grassi Senior Standards and Technology Advisor.
This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.

This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.
Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)

Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)
Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal 1 1 2 2 4 4 3,6 5 5 7 7 8 8 9 9 1010 1010 DNS Hello User Sample (Gateway)

Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal , DNS Hello User Sample (Gateway)
Functional component terminology - thoughts C. Tilton.

Functional component terminology - thoughts C. Tilton.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
Dutch eID-Scheme Technical Specifications. Content High level introduction and background information Drivers and functional requirement Resulting landscape.

Dutch eID-Scheme Technical Specifications. Content High level introduction and background information Drivers and functional requirement Resulting landscape.
TFTM Sub-Committee 01-06 What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, 2014 4-16-2014IDESG TFTM Committee1.

TFTM Sub-Committee What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, IDESG TFTM Committee1.
Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.
John Wandelt Mar 2015. National Information Sharing and Safeguarding How can the ISE support? Reduce information sharing frictionReduce information sharing.

John Wandelt Mar National Information Sharing and Safeguarding How can the ISE support? Reduce information sharing frictionReduce information sharing.
Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.
1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.

1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.
Summary Report on Resource Certification February 2007 Geoff Huston Chief Scientist APNIC.

Summary Report on Resource Certification February 2007 Geoff Huston Chief Scientist APNIC.
GFIPM Deliverables Overview GFIPM Delivery Team Meeting November 2011.

GFIPM Deliverables Overview GFIPM Delivery Team Meeting November 2011.

Similar presentations

Ads by Google