“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

Slides:

Advertisements

Similar presentations

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.

Advertisements

June 27, 2005 Preparing your Implementation Plan.

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Brian Epley, VA PIV Program Manager

1 HSPD-12 Compliance: The Role of Federal PKI Judith Spencer Chair, Federal Identity Credentialing Office of Governmentwide Policy General Services Administration.

NIH is a Valuable Place with Valuable People: We Need to Protect it! Cyber threat is one of the most serious economic and national security challenges.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.

Public Key Infrastructure (PKI) Hosting Services.

Department of Health and Human Services Personal Identity Verification Training APPLICANT.

1 Federal Identity Management and Homeland Security Presidential Directive 12 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide.

Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

Nairobi, Kenya 29-31October Fifth Special Meeting of the Counter- Terrorism Committee with International, Regional and Subregional Organizations.

U.S. Department of Agriculture HSPD 12 Program HSPD 12 Personal Identity Verification (PIV) I Core Training: Issuers.

1 Homeland Security Presidential Directive 12 (HSPD-12) Policies & Procedures Veronica McCann - Security Specialist Western Region Security Office March.

Department of Labor HSPD-12

PIV-I Issuing Procedures for Applicants (Current Contractors) v1.1.

National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

PIV Data Model Testing Ketan Mehta March 3, 2006.

Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.

E-Authentication: What Technologies Are Effective? Donna F Dodson April 21, 2008.

1 Implementation of Homeland Security Presidential Directive 12 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide FED/ED.

PIV-I Issuing Procedures for Applicants (New Volunteers / Affiliates) v1.1.

PIV-I Issuing Procedures for Applicants (New Employees) v1.1.

I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.

NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.

Complying With The Federal Information Security Act (FISMA)

U.S. Department of Agriculture HSPD 12 Program HSPD 12 Personal Identity Verification (PIV) I Core Training: Registrars.

Federal CIO Council Information Security and Identity Management Committee IDManagement.gov FICAM Testing Program and Approved Products List (APL) Overview.

IdM Identity Proofing & Registration Gary Chapman David Millman September 2006.

Homeland Security Presidential Directive-12 (HSPD-12)

HSPD-12 and FIPS-201 Overview v Learning Objectives At the end of this course, you will be able to: Describe Homeland Security Presidential Directive.

EmpowHR Sponsorship.

Special Publication : Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006.

1 The Government-wide Implementation of Homeland Security Presidential Directive 12 (HSPD-12) David Temoshok Director, Identity Policy and Management GSA.

Page 1 EmpowHR Adjudicator.

PIV 1 Ketan Mehta May 5, 2005.

PIV-I Issuing Procedures for Applicants (Current Employee) v1.1.

Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005.

Real ID Vibhas Chandrachood, Executive Director Office of Application Development Commonwealth Office of Technology Commonwealth of Kentucky December 15,

Homeland Security Presidential

NTEU Briefing Remote Fingerprinting December 5, 2008.

Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.

Non-Employee Identity System (NEIS) Adjudicator Training.

Non-Employee Identity System (NEIS) Adjudicator Training.

HSPD-12 Identity Management Initiative Carol Bales Senior Policy Analyst United States Office of Management and Budget North American Day 2006.

HSPD-12 and the Personal Identity Verification (PIV) System Procurement Briefing by Corrine Irwin January 2008.

Non-Employee Identity System (NEIS) Adjudicator Training.

COAG AUSTRALIA The Prime Minister, Premiers and Chief Ministers signed the IGA at the COAG meeting on 13 April The key objectives of the Strategy,

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Federal Preparedness Credentialing & Typing. H.R. 1 - Requirement Title IV of the “Implementing Recommendations of the 9/11 Commission Act of 2007” directs.

1 Federal Identity Management Infrastructure and Policy David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide August 15,

Security Systems | ST/SRM3-NA | 4/6/2016 © 2016 Robert Bosch LLC and affiliates. All rights reserved. 1 Ensure data security in a hyper-connected world.

E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.

Ketan Mehta March 3, 2006 PIV Data Model Testing Ketan Mehta March 3, 2006.

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

E-Authentication: What Technologies Are Effective?

HIMSS National Conference New Orleans Convention Center

Preparing your Implementation Plan

NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.

Appropriate Access InCommon Identity Assurance Profiles

A Quick Tour of the FIPS 201 Revision

Presentation transcript:

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

2 HSPD-12 Briefing Outline Executive Summary Implementation Highlights Where We Are Now Issues

3 Executive Summary HSPD-12 Homeland Security Presidential Directive 12 was signed by President Bush Aug. 27, 2004 “…It is the policy of the United States to enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy…” Improved personal identity verification (PIV) of all federal employees and contractors. Interoperable ID badges/ “ smart cards. ”

4 Executive Summary HSPD-12 Control Objectives “Secure and reliable forms of identification” must be: Issued based on sound criteria for verifying an individual employee ’ s identity. Strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation. Able to be rapidly authenticated electronically. Issued only by providers whose reliability has been established by an official accreditation process.

5 Executive Summary To implement, we must… Strengthen and standardize identity verification process. Operate a comprehensive PIV card authentication and personal identity verification system. Procure standard ID badges/ smartcards, readers, and PKI services per FIPS 201. Capture index fingerprints on PIV card, and store fingerprints in database.

6 Executive Summary Guidance and Standards Federal Information Processing Standards 201 (FIPS) for HSPD-12 developed by NIST. FIPS 201 breaks down requirements into “ PIV I ” and “ PIV II. ” Includes NIST Special Publications SP – Smart card requirements. SP – Biometric requirements (fingerprints). SP – Cryptographic requirements (PKI). SP – Certification and accreditation (C&A). SP – Testing procedures for PIV products.

7 Executive Summary FIPS 201 (Part 1 & II) PIV I – the process Strengthens “identity-proofing” and background investigations. Defines credential issuance process. Mandates privacy protections. PIV II - components of the PIV system Interoperable PIV Card. Card Management Subsystem. Access Control Subsystem. Identity Management System (IDMS). PKI credential.

8 Implementation Highlights Due Dates By Oct. 27, 2005: PIV-I: Identity proofing and credential issuance process complies with FIPS 201, part 1. Completed. By Oct. 27, 2006: PIV-II: New employees/ contractors: Issue only PIV-II compliant cards and require use for both physical and logical access. Existing employees/ contractors: Begin replacing cards. FBI National Criminal History (fingerprint) Check portion of background investigation before PIV Card issuance. Full National Agency Check with Inquiries (NACI) must follow. By Oct. 27, 2007: Finish replacing cards for current employees/ contractors and require use for both physical and logical access. All federal employees with less than 15 years of service and all contractors must be identity proofed with a minimum of a NACI.

9 Where We Are Now Currently compliant with all FIPS 201 requirements for PIV I. PIV I Guidance issued. New PIV I form being utilized. New HR hiring practices are in place. Conducted training for all OSEP employees associated in PIV I process. CPO conducted Contracting Officers training. New HUDAR clause is written. OSEP has started Certification and Accreditation process. GSA currently working on hiring contractor support for future DSX upgrades and additional hardware.

10 Government Wide HUD Involvement Federal Identity Credentialing Committee (FICC) Interagency Partnership Working Group meetings Smart Card Interagency Advisory Board (IAB) Interagency Privacy Committee

11 Next Steps Future Issues: High project implementation costs. Integration of DSX to HUD infrastructure. HUD computer network access will require use of PIV card (including PKI credential). PKI credential has never been used in HUD environment. Procurement risks: Currently there are no products or services that are certified to be FIPS 201 compliant. GSA will require purchases of products using Schedule 70 (HITS?). GSA will not have new Schedule 70 in place until May 2006.