Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Slides:



Advertisements
Similar presentations
PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.
Advertisements

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
Bronze and Silver Identity Assurance Profiles for Technical Implementers Tom Barton Senior Director for Integration University of Chicago Jim Green Manager,
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
InCommon Assurance Certification VA-SCAN October 3, 2013 Mary Dunker.
Functional component terminology - thoughts C. Tilton.
David L. Wasley Office of the President University of California A PKI Certificate Policy for Higher Education A Work in Progress Draft David L.
Enterprise Architecture 2014 EAAF as a vehicle for LoA Using EAAF processes to incrementally approach InCommon/UCTrust certification.
Information Resources and Communications University of California, Office of the President UCTrust David Walker Office of the President University of California.
1 Authentication Trustworthiness The Next Stage in Identity-Based Access and Security Tom Board, NUIT.
Information Security Policies and Standards
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
InCommon and Federated Identity Management 1
E-Authentication: What Technologies Are Effective? Donna F Dodson April 21, 2008.
Meeting InCommon Silver Profile Standards at UCD and UCB Bob Ono, UC Davis, Dedra Chamberlin, UC Berkeley, David Walker, UC Davis, Doreen Meyer, UC Davis.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Intra-ASEAN Secure Transactions Framework Project Progress Report
Geneva, Switzerland, September 2014 Introduction of ISO/IEC Identity Proofing Patrick Curry Director, British Business Federation Authority.
Appropriate Access: Levels of Assurance Stefan Wahe Office of Campus Information Security.
Use Case Development Scott Shorter, Electrosoft Services January/February 2013.
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.
Federal Requirements for Credential Assessments Renee Shuey ITS – Penn State February 6, 2007.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Joining the Federal Federation: a Campus Perspective Institute for Computer Policy and Law June 29, 2005 Andrea Beesing IT Security Office.
National Smartcard Project Work Package 8 – Security Issues Report.
Policy, Trust and Technology Mitigating Risk in the Digital World David L. Wasley Camp 2006 © David L. Wasley, 2006.
SWITCHaai Team Federated Identity Management.
Functional Model Workstream 1: Functional Element Development.
David L. Wasley Office of the President University of California Higher Ed PKI Certificate Policy David L. Wasley University of California I2 Middleware.
EuroPKI 2008 Manuel Sánchez Óscar Cánovas Gabriel López Antonio F. Gómez Skarmeta University of Murcia Levels of Assurance and Reauthentication in Federated.
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.
A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
PIV 1 Ketan Mehta May 5, 2005.
ITU-T X.1254 | ISO/IEC An Overview of the Entity Authentication Assurance Framework.
HEPKI-PAG Policy Activities Group David L. Wasley University of California.
David L. Wasley Office of the President University of California Shibboleth Safe delivery of reliable authorization data David L. Wasley University of.
Levels of Assurance in Authentication Tim Polk April 24, 2007.
Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.
Identity in the Virtual World: Creating Virtual Certainty David L. Wasley Information Resources & Communications UC Office of the President.
Identity Assurance: When it Matters David L. Wasley Internet2 / InCommon.
Credentialing in Higher Education Michael R Gettes Duke University CAMP, June 2005, Denver Michael R Gettes Duke University
© 2003 The MITRE Corporation. All rights reserved For Internal MITRE Use Addressing ISO-RTO e-MARC Concerns: Clarifications and Ramifications Response.
State of e-Authentication in Higher Education August 20, 2004.
DIGITAL SIGNATURE.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
E-Authentication & Authorization Presentation to the EA2 Task Force March 6, 2007.
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Identity Federations: Here and Now David L. Wasley Thomas Lenggenhager Peter Alterman John Krienke.
Attribute Delivery - Level of Assurance Jack Suess, VP of IT
Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
LoA In Electronic Identity Jasig Dallas Levels of Assurance In Electronic Identity Considerations for Implementation Benjamin Oshrin Rutgers University.
InCommon Participant Operating Practices: Friend or Foe?
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Technical Approach Chris Louden Enspier
Federal Requirements for Credential Assessments
InCommon Participant Operating Practices: Friend or Foe?
Introduction of ISO/IEC Identity Proofing
Appropriate Access InCommon Identity Assurance Profiles
Presentation transcript:

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008

Outline Access and Identity Identity Assurance InCommon Identity Assurance Profiles

Access and Identity Modern distributed IT environments separate identity and access management “single sign on” binds an identifier to a physical person Necessary information about that person is given to resource access management systems that need it autheNtication vs authoriZation Why identity is important to security Security is not just about building moats & walls You’d like to locate the person who does a bad thing Strong identity assurance also should help protect people against ID theft

Access and Identity Modern distributed IT environments separate identity and access management “single sign on” binds an identifier to a physical person Necessary information about that person is given to resource access management systems that need it autheNtication vs authoriZation Why identity is important to security Security is not just about building moats & walls You’d like to locate the person who does a bad thing Strong identity assurance also should help protect people against ID theft

Access Models Authorization determines access to resources Policy + process + mechanism + enforcement... Access Control List of specific persons Requires specific identifier for each user Access rules, based on group attributes E.g., any “member of the campus community” Access may also be based on parameters, e.g., resource availability, time of day, location of user, etc... Access decision is made by resource manager

Identity Model Identity is the set of information about a person Unique attributes, e.g., biometric, U.S. President,... Group attributes, e.g., student, male, Joe Smith,... Pseudonymous attributes, e.g., the same person as before Three parties involved Identity Subject is a person who wants to assert an ID Relying Party, e.g. Service Provider, trusts identity information received from an Identity Provider Identity Provider agrees to support identity Subjects by maintaining a database or directory of reliable ID data Each party must trust the others

Identity Model (cont.) Digital credential is bound to a physical person May, but need not, contain some identity information Different credential technologies for different purposes Binding achieved through a registration process RA process must find existing record or create a new one Credential S/N is index to Identity Mgmt DB Credential S/N need not be same as Subject identifier Relying Party uses IdM DB information as part of decision about access to services or resources How good is a Provider’s assertion of an identity?

Identity Assurance How reliable does an identity need to be? Depends on what’s at stake, consequences & mitigations Relying Party needs to do the risk analysis How much can a RP trust an identity assertion? What identity? Does the RP trust the IdP as an organization? How well was identity established and maintained? How (and when) did the Subject authenticate to the IdP? If something goes wrong, can the Subject be found? Nothing is absolute; it’s all degrees of certainty

Identity Assurance Projects NIST Federal eAuthentication See also HSPD-12 and NIST FIPS 201 Liberty Alliance Identity Assurance Framework RealID “Final Rule” FBI National Biometrics Database InCommon Verified Identity Profiles ‡ “Bronze”, “Silver”, … profiles ‡ Temporary name

InCommon Identity Assurance Profiles Now in DRAFT and may change … Structured sets of requirements intended to satisfy management of access to general classes of resources Not necessarily hierarchical Hopefully limited in number(!) First two defined to be equivalent to eAuth “Bronze” == eAuth levels 1 “Silver” == eAuth level 2

Identity Assurance Assessment Framework Business, Policy and Operational Factors Registration and Identity Proofing Digital Electronic Credential Technology Digital Electronic Credential Issuance and Management Security and Management of Authentication Events Identity Information Management Identity Assertion and Content Technical Environment

InCommon “Silver” Profile Business, Policy and Operational Factors Established legal entity Designated authority for IdMS & IdP General Disclosures to identity Subjects Documentation of policies & practices Appropriate staffing Subcontracts Helpdesk Audit of IdMS operations Risk Management plan Logging of operation events

InCommon “Silver” (cont.) Registration and Identity Proofing Identity Verification Process disclosure Retain records of Id documents And one or more of: Confirmed relationship with the organization In-person proofing Remote proofing Digital Electronic Credential Technology Unique credential identifier Subject modifiable shared secret Strong resistance to guessing shared secret *

InCommon “Silver” (cont.) Credential Issuance and Management Unique Subject identifier Credential status Confirmation of delivery Credential verification Suspected credential compromise (†) Credential revocation † indicates an InCommon variant from the NIST recommendations

InCommon “Silver” (cont.) Security and Management of Authentication Events End-to-end secure communications * Proof of control Session authentication Stored secrets Protected secrets Mitigate risk of sharing credentials Threat protection * Authentication protocols *

InCommon “Silver” (cont.) Identity Information Management Identity status management Identity Assertion and Content eduPerson attributes (†) Identity Assertion Qualifier (†) Cryptographic security Technical Environment Configuration Management Network Security Physical Security Continuity of Operations (†)

Implementation Notify InCommon of intention to qualify Assessment by independent (internal) auditor Auditor writes summary letter for InCommon Execute Addendum to Participation Agreement InCommon adds Identity Assurance Qualifier(s) to IdP metadata IdP then may include IAQ(s) in assertions Is responsible to ensure they are appropriate Technical implementation yet to be determined

Use of InCommon IAQs IAQ represents a profile, not a level A given IdP can support multiple profiles IdP may assert InCommon IAQ(s) only if assigned to it by InCommon Identity assertion may contain multiple IAQs E.g., “Bronze” or both “Silver” and “Bronze” Avoids implying hierarchy and allows for additions with minimal disruption Relying Party looks for an IAQ it will accept

Further Information InCommon Identity Assurance Profiles David Wasley NIST Liberty Alliance Identity Assurance Framework RealID FBI biometrics database