Presentation is loading. Please wait.

Presentation is loading. Please wait.

TSCP Early Work on Trust Framework Agreement Developing a Flexible Trust Agreement PAGE 1 | TSCP.

Published byBertram Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "TSCP Early Work on Trust Framework Agreement Developing a Flexible Trust Agreement PAGE 1 | TSCP."— Presentation transcript:

1 TSCP Early Work on Trust Framework Agreement Developing a Flexible Trust Agreement PAGE 1 | TSCP

2 Early TSCP Work on Bilateral Trust Framework Agreement TSCP started the concept of the flexible trust agreement with a bilateral agreement that its members were interested in using between themselves PAGE 2 | CONFIDENTIAL | TSCP Flexibility to change technical requirements without changing the business and legal terms of the agreement was a key need of the parties Flexibility is achieved by putting the technical requirements in an Appendix which the parties can change over time Greg Roecker will discuss this work later this afternoon

3 TSCP Work on Multilateral Agreement Once the Bilateral Agreement was sent to the members for their consideration, TSCP began work on a Multilateral Agreement The Multilateral Agreement allows a matrix of technical requirements that fosters trust amongst parties at varying levels of assurance with flexibility to bolster trust through the use of attributes PAGE 3 | CONFIDENTIAL | TSCP

4 Critical Infrastructure – All Hazards Consortium Developing a Flexible Data Sharing Trust Agreement PAGE 4 | TSCP

5 DHS Contract – Agreement for Data Sharing By Use Cases Use Case #1 - Regional Fleet Movement –Provider: Electric Sector Regional Mutual Assistance Groups (RMAGs) –Consumers: Specific private and public sector members of the FWG and EC3 work groups –Level of Assurance: Minimum LoA 2 for read access –Process: Use username/password or PIV-I cards on TSCP portal –Results Draft agreement Demo PIV-I Cards Educate to build trust PAGE 5 | TSCP

6 Focus On Use Cases Use Case #2 - Access to Open/Closed Data App –Provider: Hughes Network System’s Satellite Dish Status Database –Consumers: Specific private and public sector members of the FWG and EC3 work groups –Level of Assurance: LoA 4 –Process: Use PIV-I cards on TSCP portal to link to Hughes Data Portal on FWG site –Results Provide regional/national situation awareness on private sector businesses Demo PIV-I Cards Educate to build trust Tom Moran will discuss this in more detail PAGE 6 | TSCP

7 Scope of Trust for Data Sharing PAGE 7 | TSCP The TSCP Trust Framework provides a set of rules around identity & access management Some rules are imposed technically and others by policy (i.e., by agreement) By following the rules, parties are able to create a trusted environment where the information is shared with only vetted and authorized individuals who have agreed to the limitations on use of data specified in the agreement Again, some limitations can be controlled technically and others by the agreement From the Critical Infrastructure agreement : Scope of the Trust. The Parties to this agreement intend to voluntarily facilitate the sharing of certain critical information for operational purposes only during periods of emergency response, e.g. information concerning where there is available gas, working ATMs, hotels, where supplies can be obtained. Controlling access to the shared information is of paramount concern to the Parties because of the nature of the data and the limitations on use. Data will be shared for the agreed use cases specified in Appendix A of this Agreement. The Transglobal Secure Collaboration Participation, Inc. (TSCP) has developed a Federation Trust Framework that includes an information labeling and handling specification that the Parties desire to leverage to achieve their data sharing objectives. Relying on the requirements of TSCP’s Federation Trust Framework infrastructure and the terms of this Agreement, authorized users of the TSCP Secure Information Sharing Environment (SISE), a cloud-based situational data repository, are able to share and access data. Access to data is limited by the controls and restrictions applied to the data by policy. Specifically, data is uploaded and used solely to support operational need during regional emergency response. The system allows for: Multi-layered Identity Authentication of users accessing the system with trusted credentials; Policy labeling of data by users based on the type of data uploaded; Enforced access control (upload, edit, view, download) to data based on the policy labels applied to data; and a single sign-on cloud environment.

8 Status of the Critical Infrastructure Agreement PAGE 8 | TSCP Agreement covers all aspects of governance - business, technical, legal, and policy But the minimum technical requirements are included in an Appendix which can be changed without changing the rest of the agreement allowing maximum flexibility Use Cases are also in an Appendix to the agreement so the parties can add use cases without changing the rest of the agreement TSCP has been working on the agreement between AHC, TSCP and Data Consumers (an Appendix to the Data Provider Agreement) The Agreement is modeled on the AHC agreements in place today but they impose the TSCP Trust Framework to increase the identity assurance and access management rules to increase the trust

9 NSTIC Pilots Changing Paradigms PAGE 9 | TSCP

10 NSTIC Grant – Challenges to Sharing Information and Lessons Learned TSCP explored an agreement for the use of employer- issued trusted identity credentials for employee personal transactions While there was serious interest, resistance to changing the current legal and privacy paradigms was an impediment to near-term success –Employer permission for use –Distinguishing personal vs. professional use –Managing personal information PAGE 10 | CONFIDENTIAL | TSCP

11 PAGE 11 | TSCP 11 CONFIDENTIAL Questions? TSCP Inc. Keith Ward | President and CEO 8000 Towers Crescent Drive, Suite 1350, Vienna, VA 22182 (M): (703) 945-9875| (F): (703) 760-7899 | Email: keith.ward@tscp.org | www.tscp.orgkeith.ward@tscp.orgwww.tscp.org Steve Race Vice President Operations 8000 Towers Crescent Drive, Suite 1350, Vienna, VA 22182 (M): (703) 980-8915 | (F): (703) 760-7899 Email: steve.race@tscp.org | www.tscp.orgsteve.race@tscp.orgwww.tscp.org Shauna Russell, cipp/us Vice President for Legal, Privacy, and Policy 8000 Towers Crescent Drive, Suite 1350, Vienna, VA 22182 (M): (202) 769-9114 | (F): (703) 760-7899 Email: shauna.russell@tscp.org | www.tscp.org shauna.russell@tscp.orgwww.tscp.org

Download ppt "TSCP Early Work on Trust Framework Agreement Developing a Flexible Trust Agreement PAGE 1 | TSCP."

Similar presentations

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.

The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.

Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.
Confidentiality, Ethics, Privacy, and Access REPORT FROM CONFIDENTIALITY, ETHICS, PRIVACY AND ACCESS Group B.

Confidentiality, Ethics, Privacy, and Access REPORT FROM CONFIDENTIALITY, ETHICS, PRIVACY AND ACCESS Group B.
Western Australian Emergency Medicine Research Online WAEMRO Dis-integrating healthcare information systems Professor Peter Sprivulis MBBS PhD FACEM FACHI.

Western Australian Emergency Medicine Research Online WAEMRO Dis-integrating healthcare information systems Professor Peter Sprivulis MBBS PhD FACEM FACHI.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Evolution of Identity Management May 15, 2008 For: CIPS Security Special Interest Group Presented by: Mike Waddingham, PMP President, Code Technology Corp.

Evolution of Identity Management May 15, 2008 For: CIPS Security Special Interest Group Presented by: Mike Waddingham, PMP President, Code Technology Corp.
Continuous Compliance Assurance for Trusted Information Sharing: A Research Framework Bonnie W. Morris College of Business & Economics

Continuous Compliance Assurance for Trusted Information Sharing: A Research Framework Bonnie W. Morris College of Business & Economics
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.

Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.

David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.
Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.

Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.
1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.
Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.

Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Cartes America - Secure ID: Fraud and ID Management Part 1 Track Personal Identity Verification (PIV) Case Study within the TSCP Community Keith Ward TSCP.

Cartes America - Secure ID: Fraud and ID Management Part 1 Track Personal Identity Verification (PIV) Case Study within the TSCP Community Keith Ward TSCP.

Similar presentations

Ads by Google