Cyber Security Means Locking the Front Door Too: Use High-Assurance Identity Management to Control Access to the Federal Bridge.

Slides:

Advertisements

Similar presentations

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.

Advertisements

© Daon Confidential Strategies for Implementing National Identity Systems Nov 28 th 2007 Leo Ring Vice President, Daon.

Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: Mobile:

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker

Department of Labor HSPD-12

Business Transformation Redefined | 1 PASP®ID solution for DLLR's Division of Occupational and Professional Licensing -Powered by manageID®

1/13/05NCASSR PNNL Visit1 Security Tools Area Overview, Credential Management Services, and the PKI Testbed Jim Basney Senior Research Scientist

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

SOLVE THE PROBLEM OF IDENTITY THEFT An online, real-time solution for KYC, POPI, RICA and FICA compliance May

Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.

E-Authentication: What Technologies Are Effective? Donna F Dodson April 21, 2008.

Geneva, Switzerland, September 2014 Introduction of ISO/IEC Identity Proofing Patrick Curry Director, British Business Federation Authority.

David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.

I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.

By Garland Land NAPHSIS Consultant. Importance of Birth Certificates Needed for: Social Security Card School Enrollment Driver’s License Passport.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.

Internet Trust Defined. Delivered. Electronic Business the Way It Was Meant to Be.

Cartes America - Secure ID: Fraud and ID Management Part 1 Track Personal Identity Verification (PIV) Case Study within the TSCP Community Keith Ward TSCP.

Ronny Depoortere 19th March, 2012 Warsaw. Identification – Business Case The ability to uniquely identify citizens and foreign residents.

PIV 1 Ketan Mehta May 5, 2005.

Cyber Authentication Renewal Project Executive Overview June – minute Brief.

U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.

Evaluating trusted electronic documents Petr Švéda Security and Protection of Information ‘03 © 2003 Petr Švéda, FI MU.

Non-Employee Identity System (NEIS) Adjudicator Training.

Non-Employee Identity System (NEIS) Adjudicator Training.

HSPD-12 Identity Management Initiative Carol Bales Senior Policy Analyst United States Office of Management and Budget North American Day 2006.

1 UNECE Capacity Building Workshop on Trade Facilitation Implementation: October 2004 Electronic PostMark (EPM) Security & Authentication for eTrade Documents.

Non-Employee Identity System (NEIS) Adjudicator Training.

COAG AUSTRALIA The Prime Minister, Premiers and Chief Ministers signed the IGA at the COAG meeting on 13 April The key objectives of the Strategy,

Workshop IV Current Developments in Digital Trust.

1 of 4 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

ONLINE STUDENT AUTHENTICATION EXAMITY PILOT SPRING 2016.

Digital Signatures and Digital Certificates Monil Adhikari.

Trusted Electronic Communications for Federal Student Aid Mark Luker Vice President EDUCAUSE Copyright Mark Luker, This work is the intellectual.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

The Alien Flight Student Program AFSP An overview of the applications that encompass the AFSP Program COPYRIGHT AND GOVERNMENT PURPOSE RIGHTS NOTICE Copyright.

E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.

Identity and Access Management

Key management issues in PGP

LIVE CHAT APPLICATION Aria Telecom Solutions Pvt. Ltd.

Identity on the Internet

Security is one of the most widely used and regarded network services

ESign Aashutosh.

Cloud Security– an overview Keke Chen

Cryptography and Network Security

Digital Signature.

U.S. Federal e-Authentication Initiative

A Real Problem % 5,000 #1 $2,100 12% 6% Identity Fraud

Multifactor Authentication & First Time Login

Draft ETSI TS Annex C Presented by Michał Tabor for PSD2 Workshop

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Legal Framework for Civil Registration, Vital Statistics

Public Key Infrastructure from the Most Trusted Name in e-Security

Technical Approach Chris Louden Enspier

E-Authentication: What Technologies Are Effective?

County HIPAA Review All Rights Reserved 2002.

Setting up and using secure and document transfer

eVoting System Proposal

David L. Wasley Spring 2006 I2MM

Introduction of ISO/IEC Identity Proofing

ARIA CCAS Cloud based Telecom Solution

Meganet Corporation VME Sign 2004

Volvo Car Corporation Charlotta Larsson Moulier,

E-identities (and e-signatures)

Presentation transcript:

Cyber Security Means Locking the Front Door Too: Use High-Assurance Identity Management to Control Access to the Federal Bridge

Justin Oberman Vice President for Identity Strategy SureID

SureID Context In the physical world we We raise the bar for access before the bar is raised In the digital world we Extend the reach of IAM so that only cleared identities (“I”) get access (“A”) to be managed (“M”) In all worlds we Provide ongoing monitoring to mitigate vulnerabilities “between” checks 3

Identity Assurance Enables Outsiders on the Inside Assurance enables identity verification Verification makes intrusion much more difficult Locking reduces workload Ongoing Monitoring means access can be revoked in real time any time 7

PIV-I for CUI Overview: Benefits: Common, secure, reliable identification. Visual and electronic identify verification. Government-wide technical interoperability and authentication. Encryption of email messages containing sensitive and regulated information. Digital signatures for “official” corporate email correspondence. Digital signatures to make internal forms and processes “paperless”. Benefits: Non-proprietary, compatible, lower-cost COTS solution. Native support in products (e.g., Windows). Field proven and mature technologies. 6

SureID by the Numbers

AND MORE THAN 75,000 OTHER COMPANIES SureID Reach AND MORE THAN 75,000 OTHER COMPANIES 9

Users Click and Pay RELYING PARTY VENDORS/ CONTRACTOR/ OTHERS ACCEPTED BY ALL PARTICIPATING RELYING PARTIES DON’T PAY PAY ONCE 10

How Does Identity Assurance Work? PROVE IDENTITY & SCREEN REGISTER ADJUDICATE CREDENTIAL VALIDATE Web-based pre- enrollment Provide key biographical data In-person enrollment At retail location or mobile on- site Includes submission of photograph, fingerprints, identity documents as needed Conducted by trusted agent Review all background screen results Research every required record, e.g., when case disposition not available Trained/vetted adjudicators operating in a secure facility Credentials issued in person, via mail, or digitally ID verification required Includes PACS/LACS integration where required Identity Verification Validate documents Screen Criminal – name-based and FBI fingerprint- based Terrorism Connections Ongoing Monitoring Governs use of credentials to gain access Tailored to each operating environment Works with physical credentials, mobile verification, or biometric-only Register Prove Identity Screen Credential Validate Adjudicate Ongoing Monitoring 11