1 Washington Integrated Justice Information Board December 20, 2005 Scott Bream Department of Information Services Justice Information Network Data Exchange.

Presentation transcript:

1 Washington Integrated Justice Information Board December 20, 2005 Scott Bream Department of Information Services Justice Information Network Data Exchange (JINDEX) Security and Business Requirements

2 Issues
- The decision to move the PCH/CACH application to production warranted a review of security and authentication requirements.
- Production security requirements are more rigorous than pilot security requirements.
- The need to provide additional identifiers will require modification to the King and Yakima County applications.
- The need to provide multiple authentication requirements over time will require constant re-coding and will prevent JINDEX from scaling.

3 Pilot Authentication Requirements
- Assumed that consuming entities (King and Yakima Counties) would be responsible and liable for allowing only authorized users access.
- King and Yakima Counties would be required to pass only their agency identifiers to back-end providers.
- Trust from consuming entities would be preserved through encrypted messaging between trusted servers.
- JINDEX will act primarily as a messaging switch, passing through the required credentials.

4 Pilot Authentication Model
[Diagram. Labels: WSP, AOC, King County, Yakima County, IGN; King Co. ORI and King Co. RACF ID; Yakima Co. ORI and Yakima Co. RACF ID; King Co. ID (Burien Police, Seattle Police); Yakima Co. ID (City of Othello, Yakima Police); WSP ACCESS User Agreement; AOC User Agreement; TRUST.]

5 Provider-Driven Production Authentication Model
- Based on production requirements established by WSP and AOC.
- Requires input of end-user identifier in addition to consuming entity identifier.
- Creates need for King and Yakima Counties to modify applications.
- Becomes more complex as application grows.
- Not consistent with scalable, highly secure, re-usable Web Services best practices.

6 Provider-Driven Production Authentication Model
[Diagram. Labels: WSP, AOC, King County, Yakima County, IGN; + King Co. ID, + Yakima Co. ID; Burien Police, Seattle Police, City of Othello, Yakima Police; ORI and RACF identifiers for Burien Police, Seattle Police, Yakima Police and Othello PD, alongside the King Co. and Yakima Co. ORI and RACF identifiers; WSP ACCESS User Agreement; AOC User Agreement.]

7 Input and Discussion
Washington State Patrol and Administrative Office of the Courts will provide input on authentication requirements and impacts on code and scalability.

8 Possible JINDEX Authentication Model
- Assumes that consuming entities would be responsible and liable for allowing only authorized users access.
- Envisions creation of a centralized registration service for each consuming entity that identifies those data-providers to which they have been granted access.
- Would change the role of the JINDEX from simple message broker to trusted agent.
- Will require the creation of new JINDEX services outside the scope of the current contract with Online Business Systems.

9 Possible Centralized Authentication Model
[Diagram. Labels: WSP, AOC, DOL, WSDOT, King County, Yakima County, JINDEX; King Co. Server ID, Yakima Co. Server ID; King Co. ID (Burien Police, Seattle Police); Yakima Co. ID (City of Othello, Yakima Police); JINDEX ORI, JINDEX RACF ID, JINDEX DOL ID; WSP ACCESS, AOC and DOL User Agreements and Add-User Agreements; TRUST; JINDEX Validation Service.]

10 Questions? Scott Bream, DIS (360)