John Wandelt Mar 2015. National Information Sharing and Safeguarding How can the ISE support? Reduce information sharing frictionReduce information sharing.

Slides:



Advertisements
Similar presentations
Module N° 4 – ICAO SSP framework
Advertisements

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
1 1 GFIPM Enabling Federated Identity and Single Sign-on John Ruegg LA County Information Systems Advisory Body June 11, 2014.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.
This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair
Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda.
Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.
Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan,
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.
This presentation was prepared by Georgia Tech Research Institute using Federal funds under award 70NANB13H189 from National Institute of Standards and.
1 Data Strategy Overview Keith Wilson Session 15.
Introduction to OIX: A Market Solution to Online Identity Trust Don Thibeau.
SWITCHaai Team Federated Identity Management.
Global Federated Identity & Privilege Management GFIPM John Ruegg, Director LA County ISAB United States Department of Justice.
Functional Model Workstream 1: Functional Element Development.
TFTM Interim Trust Mark/Listing Approach Paper Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities.
The InCommon Federation The U.S. Access and Identity Management Federation
1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.
Tom Clarke VP, Research & Technology National Center for State Courts.
North Carolina TASC Clinical Series Training Module One: Understanding TASC.
TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.
A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.
TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.
Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.
1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.
Session ID: Session Classification: Dr. Michael Willett OASIS and WillettWorks DSP-R35A General Interest OASIS Privacy Management Reference Model (PMRM)
Identity Ecosystem Framework and Charter Gap Analysis.
SEARCH Membership Group Systems & Technology PAC Global Justice XML Data Model (GJXDM) Update January 29, 2005.
HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.
Enforcement mechanisms for distributed authorization across domains in UMA – aka “UMA trust” Eve Maler | 22 Aug 2012 draft.
Overview Privacy Management Reference Model and Methodology (PMRM) John Sabo Co-Chair, PMRM TC.
GRA Implementations using Open Source Technologies Mark Perbix and Yogesh Chawla SEARCH.
Improving Integration of Learning and Management Systems Paul Shoesmith Director of Technical Strategy Becta.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
Enterprise Architecture, Enterprise Data Management, and Data Standardization Efforts at the U.S. Department of Education May 2006 Joe Rose, Chief Architect.
FEA DRM Management Strategy Presented by : Mary McCaffery, US EPA.
S&I Integration with NIEM (DRAFT) Standards Development Support June 8, 2011.
GFIPM FICAM Status Update GFIPM Delivery Team Meeting November 2011.
Data Strategy  Status Update  SSIM  RID  Technology Strategies.
National Information Exchange Model (NIEM) Executive Introduction November 29, 2006 Thomas O’Reilly NIEM Program Management Office.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
Access Management 2.0: UMA for the #UMAam20 for questions 20 March 2014 tinyurl.com/umawg for slides, recording, and more 1.
Scalable Trust Community Framework STCF (01/07/2013)
Status Update on Other GFIPM Activity Threads GFIPM Delivery Team Meeting November 2011.
C-DERL is an application designed to be a Federal- wide, online repository for data standards, definitions, and context. It was authorized jointly by the.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.
University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.
Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)
Progress Report on the U.S. NSTIC Efforts Jack Suess – Delegate for Research, Development, Education & Innovation
Realize the Power of Information IJIS Institute Briefing June 24, 2014.
COMMUNITY-WIDE HEALTH INFORMATION EXCHANGE: HIPAA PRIVACY AND SECURITY ISSUES Ninth National HIPAA Summit September 14, 2004 Prepared by: Robert Belfort,
1 CDC Health Information Exchange (HIE) Accelerating State-wide Public Health Situational Awareness in New York Through Health Information Exchanges August.
Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
Access Policy - Federation March 23, 2016
Higher Education’s Role in the Identity Ecosystem
InCommon Steward Program: Community Review
HIMSS National Conference New Orleans Convention Center
Appropriate Access InCommon Identity Assurance Profiles
Baseline Expectations for Trust in Federation
Presentation transcript:

John Wandelt Mar 2015

National Information Sharing and Safeguarding How can the ISE support? Reduce information sharing frictionReduce information sharing friction – increase volume and velocity, reduce cost and time, etc. Reduce RiskReduce Risk – Allow for better risk assessment and decision making - does not mean eliminate risk Increase Agility and ResiliencyIncrease Agility and Resiliency

Trusted Information Sharing Between Organizations Requires Agreement Resource Owner Resource Requester Resource Requester 3

Agreement Often Necessary Across Many Dimensions Resource Owner Resource Requester An agreement between stakeholders consisting of: Business Requirements Selection of standards and profiles of those standards Identity Proofing Acceptable credential types Levels of Assurance Levels of Protection- Security Controls Privacy Policies Auditing expectations Legal obligation and liability clauses Dispute resolution process Governance structure

Direct Trust 3 rd Party Trust Reputational Trust Residual Risk Trust Models and Concepts

It Is Challenging to Establish Trust Across a Large Diverse COI or ISE Resource Requester Resource Requester Resource Requester Resource Requester Resource Owner Resource Owner Resource Owner Resource Owner Resource Requester Resource Requester Resource Requester Resource Owner Resource Owner Resource Owner Resource Owner Resource Owner Resource Owner Resource Owner Resource Owner Resource Requester 6

Agreement (and Trust) Is Hard To Scale Agreement # of Participants, COIs, Use Cases The Need The Reality

Not all use cases are known up front Not all requirements are known up front Not all stakeholders are known up front Must leverage much of what is in place Adoption will happen over an extended period of time in varying degrees and rates By the time we think we get it figured out something will change…. ISE Facts of Life 8

Information Sharing Environment Challenge

The Perspective from the LE Community Required to share data across jurisdictions Law Enforcement COI has over 1 million people in the US alone 18,000 US LE agencies LE agencies are autonomous (NOT centrally funded) LE agencies are autonomous (NOT centrally funded) Trust between agencies is a fundamental requirement But must obey applicable access controls when sharing 3 rd party trust is required due to COI size and complexity Federal Agencies State Agencies Local Agencies Tribal Agencies Task Forces Fusion Centers LE agencies are highly heterogeneous Legitimate business need to interact with many other COIs Most users must have high-assurance credentials

ISE Vision: What if?

Realization: “Identity the Great Enabler”

Today’s Identity Mgmt. Macro Environment GFIPM is no longer the “only game in town” Must consider GFIPM touch-points to other IdM programs FICAM, SICAM, NSTIC, BAE, FirstNet, etc. Non-operational programs cannot lead the way Must incorporate operational experience into GFIPM specs

Identity Federation Implication Application (Service Provider) Application (Service Provider) Identity Provider Identity Provider User Application (Service Provider) Application (Service Provider) Application (Service Provider) Application (Service Provider) Application (Service Provider) Application (Service Provider) Application (Service Provider) Application (Service Provider) Standard Protocols So what about Trust, Liability, Security, Privacy, Interoperability? Decouple Identities from Applications! Attribute Provider Attribute Provider 14

15 ABA Trust Framework Perspective Contract: “I Agree” to... Existing Law Warranties Dispute Resolution Measure of Damages Enforcement Mechanisms Termination Rights Liability for Losses Existing Law Privacy Standards Credential Issuance Authentication Requirements Reliance Rules Audit & Assessment Oversight Credential Management Security Standards Identity Proofing Technical Specifications Enrolment Technical and Operational Specifications Legal Rules Enforcement Element 15

Trust Frameworks Business Requirements Selection of standards and profiles of those standards Identity Proofing Acceptable credential types Levels of Assurance Levels of Protection- Security Controls Privacy Policies Auditing expectations Legal obligation and liability clauses Dispute resolution process Governance structure CSDII 16

Current State of the Identity Ecosystem ISE A IDP AP RP IDP RP Federation B Federation B IDP AP RP IDP RP Community of Interest C Community of Interest C IDP AP RP IDP RP ID Trust Framework A ID Trust Framework B ID Trust Framework C There exist many Trust Frameworks. Each Trust Framework requires agreement across many dimensions. Many Trust Frameworks are monolithic and opaque. 17

Achieving Cross-Framework Trust ISE A IDP AP RP IDP RP Federation B Federation B IDP AP RP IDP RP Community of Interest C Community of Interest C IDP AP RP IDP RP Suppose this user needs access to this RP. ID Trust Framework A ID Trust Framework B ID Trust Framework C 18

National Identity Exchange Federation (NIEF) Objectives Share user identity and attribute information for authentication, identification, authorization, auditing Share agency and resource metadata information Provide onramp and roadmap other relevant ICAM initiatives Provide an operational trust framework for doing the above Educate and provide technical assistance Established in 2008 as an outgrowth of the Global Federated Identity and Privilege Management (GFIPM) Initiative with a focus on justice and public safety agencies at the federal, state, and local level. 19

NIEF Challenges 20

NSTIC Trustmark Pilot Team 21

Our Approach: Componentization and Machine Readability (“Trustmarks”) …then we get: If the frameworks were modular… Greater transparency of trust framework requirements Greater ease of comparability between frameworks Greater potential for reusability of framework components Greater potential for participation in multiple trust frameworks by ID Ecosystem members with incremental effort and cost And, most importantly: ID Trust Framework B ID Trust Framework A NIST LOA 3 NIST LOA 3 OAuth ID Trust Framework C FIPS 200 FICAM SAML SSO FIPPs OpenID

A Trustmark Framework ID Trust Framework B ID Trust Framework A NIST LOA 3 NIST LOA 3 ID Trust Framework C FICAM SAML SSO FIPPs OAuth OpenID FIPS 200 These modular components are called Trustmarks. Think of trustmarks as mini reusable certifications. These modular components are called Trustmarks. Think of trustmarks as mini reusable certifications. 23

FICAM SAML SSO Profile NIST / FICAM LOA 3 Identity Fair Information Practice Principles (FIPPs) FIPS 200 Security Practices GFIPM Metadata Registry (User Attributes) Scope of Trustmarks Trustmark Policies & Trustmark Agreements 24

Bundling of Components for Business Context Components COI A Federation B Trust Framework C Privacy Security Interoperability Legal Business Continuity Personnel Other Component Types (Examples) 25

A Trustmark-Based Ecosystem IDP AP RP IDP AP RP IDP RP IDP RP IDP RP AP IDP ID Trust Framework B ID Trust Framework A ID Trust Framework C Existing Trust Frameworks could be expressed as a set of components called a TIP. Trust Interoperability Profile B Trust Interoperability Profile A Trust Interoperability Profile C 26

A Trustmark-Based Ecosystem IDP AP RP IDP AP RP IDP RP IDP RP IDP RP AP IDP Then each member of the community can acquire the necessary Trustmarks based on the TIP. TIP B TIP A TIP C Trustmarks can be acquired through a Trustmark Provider. Trustmark Provider There can be many Trustmark Providers in the ID Ecosystem. Trustmark Provider 27

A Trustmark-Based Ecosystem IDP AP RP IDP AP RP IDP RP IDP RP IDP RP AP IDP Trustmarks can be stored in a searchable Trustmark Registries or shared directly with partners. TIP B TIP A TIP C Trustmark Registry IDP X: RP Y: Etc. Trustmark Registry IDP X: RP Y: Etc. Trustmark Registry IDP X: RP Y: Etc. 28

Trustmark Defining Organization Stakeholder Community Trustmark Definition Is Represented By Defines Trustmark Recipient Trustmark Relying Parties Org. 1 Org. 2 End User Trust Interop Profile Trustmark A Trustmark B Trustmark C Is Used By Is Required By Is Trusted By Trustmark Provider Is Required By Issues The Trustmark Framework Normative Specs Required

Trustmark Definitions Metadata: Publisher: U.S. General Services Administration Name: NIST/FICAM LOA 2 IDPO TD URL: Description and Intended Purpose: … Target Stakeholder Audience: … Date of Publication: 15 Apr 2014 Version: 1.0 Visual Icon: Metadata: Publisher: U.S. General Services Administration Name: NIST/FICAM LOA 2 IDPO TD URL: Description and Intended Purpose: … Target Stakeholder Audience: … Date of Publication: 15 Apr 2014 Version: 1.0 Visual Icon: Conformance Criteria: Conformance to the Identity Provider Organization (IDPO) conformance target of this TD requires the following. 1.The IDPO MUST … 2.The IDPO MUST … 3.The IDPO MAY … 4.… Conformance Criteria: Conformance to the Identity Provider Organization (IDPO) conformance target of this TD requires the following. 1.The IDPO MUST … 2.The IDPO MUST … 3.The IDPO MAY … 4.… Assessment Process: Before issuing a trustmark subject to this TD, a Trustmark Provider MUST complete the following assessment steps. 1.The TP MUST … 2.The TP MUST … 3.The TP MUST … Assessment Process: Before issuing a trustmark subject to this TD, a Trustmark Provider MUST complete the following assessment steps. 1.The TP MUST … 2.The TP MUST … 3.The TP MUST … Certification as a Trustmark Provider: Before an entity may issue trustmarks subject to this TD, it MUST complete the following certification process. 1.The entity MUST … 2.The entity MUST … 3.The entity MUST … Certification as a Trustmark Provider: Before an entity may issue trustmarks subject to this TD, it MUST complete the following certification process. 1.The entity MUST … 2.The entity MUST … 3.The entity MUST … Trustmark Extension Schema: Trustmarks issued subject to this TD MUST conform to the Trustmark Base Schema, and MUST also conform to the following Trustmark Extension Schema. Trustmark Extension Schema: Trustmarks issued subject to this TD MUST conform to the Trustmark Base Schema, and MUST also conform to the following Trustmark Extension Schema. XSD XML ?

CJISPIV-I GFIPM FICAM NIEF Others Creating Modular Common Components Transformation Process Step 1: Gather trust and interop requirements from many frameworks Step 2: Break down and reassemble requirements into modular, reusable components Step 3: Express modularized requirements in a standard format to encourage broad reuse Trustmark Definition Trustmark Definition Trustmark Definition

Sample Trustmark Definition

Example Conformance Criteria: Registration and Issuance 33

Example Assessment Steps: Registration and Issuance 34

Trust Interoperability Profile (TIP): Bundling Trustmarks for Business Context Metadata: Publisher: U.S. Dept. of Justice URL: Name: U.S. Law Enforcement Community Info Sharing TIP Description and Intended Purpose: … Date of Publication: 15 Jun 2014 Version: 1.0 Digital Signature of Issuer: Metadata: Publisher: U.S. Dept. of Justice URL: Name: U.S. Law Enforcement Community Info Sharing TIP Description and Intended Purpose: … Date of Publication: 15 Jun 2014 Version: 1.0 Digital Signature of Issuer: Trust and Interoperability Criteria: Identity Provider Organization (IDPO) Trustmark Requirements: Service Provider Organization (SPO) Trustmark Requirements: Trust and Interoperability Criteria: Identity Provider Organization (IDPO) Trustmark Requirements: Service Provider Organization (SPO) Trustmark Requirements: XML TrustmarkRequirementApproved Trustmark Providers FICAM SAML SSO IDP MUST HAVENIEF or IJIS NIEF/FICAM LOA 2 IDPO MUST HAVENIEF or Kantara NIEF Attribute Profile IDPO MUST HAVE(ANY) XYZ Privacy Policy IDPO SHOULD HAVE(ANY) TrustmarkRequirementApproved Trustmark Providers FICAM SAML SSO SP MUST HAVENIEF or IJIS NIEF Attribute Profile SPO MUST HAVE(ANY) XYZ Privacy Policy SPO MUST HAVE(ANY)

Development & Refinement of Trustmark Concept Technical Framework framework/1.0/ framework/1.0/ NIEF Trustmark (Component) Definitions (62) definitions/ definitions/ NIEF Trust Interoperability Profiles (10) interoperability-profiles/ interoperability-profiles/ Development of Software Tools Trustmark Assessor Tool, Trust Fabric Registry, & Others Socialization of Trustmark Concept NPO, NIEF, IDESG, & Others Trustmark Pilot Website: Progress to Date

The NIEF Trustmark Legal Framework Trustmark Provider Trustmark Recipient Trustmark Relying Party Trustmark Policy Trustmark Trustmark Recipient Agreement Trustmark Relying Party Agreement Explicit Relationship Explicit Relationship Implicit Relationship Explicit Reference

Phase1 Trustmark Pilot Participants “As DPS moves toward enabling more services through federated standards, the ability to expose these services via the NIEF trustmark framework will allow DPS to better serve the Texas law enforcement and first responder community.”

ALABAMA SECURE SHARING UTILITY for RECIDIVISM ELIMINATION (ASSURE) Goals Improve communication among entities responsible for providing and coordinating mental health and substance use services Improve continuity of care to individuals who move between incarceration and the free world Increase awareness of availability of community-based mental health services Produce a more accurate and complete profile of offenders Increase effectiveness and efficiency of the intake and classification process Reduce reliance on emergency department services Refer people leaving correctional facilities to community-based behavioral health and substance use treatment services Provide clinical information to assist with their treatment Ensure timely access to essential medications for people entering or leaving jail or prison Link correctional health providers to ADMH and community-based behavioral health services Reduce recidivism by ensuring that offenders – whether in a community or incarceration setting – receive services matched to their individual needs such as Educational, Vocational, Rehabilitation and Treatment Justice-to-Health Collaboration Alabama Board of Pardons and Paroles (ABPP) Alabama Department of Corrections (ADOC) Alabama Department of Mental Health (ADMH) Community Mental Health Centers (CMHC) ADMH Substance Abuse Contract Providers Contact Richard Fiore at or Purpose Create a secure, web-based portal to share appropriate information regarding clients, probationers and inmates Highlights Based on Global Standards: GRA, NIEM, GFIPM as well as Trustmark framework Funded by BJA 2013-DB-BX-K059 and 2014-DB-BX-K003

Trustmark Assessment Tool Process Flow Trustmark Assessment Tool Database Trustmark Assessment Tool FICAM LOA 2 Authn Process TD FICAM LOA 2 Authn Process TD Trustmark Provider Trustmark Recipient Candidate Trustmark Definitions 1. Load TDs into Assessment Tool 2. Receive request for trustmark from Trustmark Recipient Candidate 3. Perform assessment of Trustmark Recipient Candidate 4. Store assessment artifacts / evidence in database 5. Issue trustmark to Trustmark Recipient

Sample Screen Shot from Trustmark Assessment Tool

NIEF Trustmark Issuance and Binding NIEF Trust Fabric Registry NIEF Trust Fabric Registry NIEF Trustmark Assessment Processes Trustmark 1 Trustmark 2 Trustmark N NIEF Trust Fabric Entry Trustmark 1 Trustmark 2 Trustmark N Signed by NIEF NIEF Member Agency (Trustmark Recipient) NIEF Member Agency (Trustmark Recipient) Trustmark Assessment Tool Trust Fabric Entry Editor Trust Fabric Registry Manager Tool

NIEF Trustmark Usage by TRPs NIEF Trust Fabric Registry NIEF Trust Fabric Registry Trustmark Relying Party 1. Query for trust fabric entries with required trustmarks, in accordance with local TIP Trust Interoperability Profile (TIP) 2. Receive matching trust fabric entries 3. Install entries in local product

See previous lessons learned and open questions at: Previous Lessons Learned

We learned new lessons in the areas of: Trustmark Practicalities and Tradeoffs Trustmark Assessment, Issuance, and Mgmt. Trustmark Legal Agreements Trustmark Binding Some New Lessons Learned

Tradeoffs in Decomposition of Requirements Best Practices for Communities in Defining and Documenting Requirements Staged Adoption of Trustmarks Reputational Trust and Residual Risk Reuse of Assessment Results Value of Software Tools Within the Trustmark Framework Value of a Trustmark Framework Technical Spec Handling “Partial” Conformance Realities of Rigorous Trustmark Assessment Legal Framework is Acceptable to NIEF Members Trustmark Binding New Lesson Highlights

What does an IDESG Trustmark mean? What is the basis for Trust? How do I use it? How does it relate/map to my COI/TFP/Federation/requirements? Can it be extended and/or constrained? How does it get life-cycle managed? What is the motivation for adoption? Some Questions

Learn More Here