NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.

Presentation transcript:

NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006

14th Fed/Ed Workshop 14 December ‘06

NASA PIV System Constraints

The NASA PIV System will meet the following constraints:
- Utilize the existing and evolving NASA networks
- Utilize the NASA Operational Certificate Authority (NOCA)
- Integrate with NASA authentication services; specifically those provided by the Agency Public Key Infrastructure (PKI), the Agency Enterprise Directory, and the Agency Active Directory
- Integrate with existing and evolving identity data management products, tools and processes, specifically those provided by the NASA Integrated Services Environment (NISE)
- Meet HIGH IT Security information categorization for Personal Identity and Authentication and Security Management
- Reflect guidance, direction, and requirements provided by the NASA Office of the Chief Information Officer (OCIO), NASA Office of Security and Program Protection (OSPP), OMB and NIST

NASA PIV Status

- NASA Operational CA (NOCA) Key Generation Ceremony completed 22 September ‘06
- PIV 1 process and PIV 2 compliance demonstrated with 27 October ‘06 cards issued to two people (Karen Petraska and Walter Hussey)
- Completed draft of PIV Design Document
- Completed Biometrics Requirements Document
- Completed Test Card Procurement; production card award in process
- Conducted successful PIV Preliminary Design Review (PDR), 15 November ‘06
- Received PDR comments; currently dispositioning them
- Complete biometrics Proof of Concept by 22 December ‘06

NASA PIV High Level Requirements

The NASA PIV System shall:
- Comply with FIPS 201 requirements for applicant enrollment, card production, and card issuance for Federal employees
- Create and store new identities for new NASA employees, contractors and partners
- Track information related to identity proofing documents, fingerprints, and background checks
- Issue a PIV-II compliant Smart Card badge that contains a PKI identity certificate and capability for optional PIV certificates
- Manage the issuance lifecycle for PIV-II compliant Smart Cards
- Flow information appropriately through interconnected NASA systems (AD, CIMS, CBACS)
- Produce NASA PIV cards for which CBACS is able to enable physical access control
- Provide NASA data via automated interface to Office of Personnel Management (OPM) and/or Federal Bureau of Investigation (FBI) in acceptable format
- Support commercial bulk printing of NASA PIV cards as well as Face-to-Face NASA PIV printing
- Within all subsystem components, meet NIST HIGH controls

Issues

- Storage of fingerprints during PIV process??
- Requirements for number of certificates to be accommodated by data model and plan for implementation phasing??
- Interim versus final identity proofing and registration processes
- OPM questions (type 4 vs type 14, MOU, electronic links, etc.)
- Document verification
- Roles clarification (PIV process – FIPS 201, HR Desk Reference Guide, NASA OSPP processes and guidance, business architecture)
- Processes for badges that require physical/logical access for fewer than 180 days
- Training, change management and test strategy

Remaining Major Tasks

- Decision/Input Point for Batch versus F2F printing
- Finalizing production badge templates
- Complete Use Cases and processes for life cycle management for card holders and cards
- Key Management process between Oberthur and NASA
- Clarify CMS Card Identification Number (CIN)
- Complete Security Plan, Test Plan, Training Plan
- Complete Biometric Proof-of-Concept & procurement
- Workflow development and interface
- NOCA production transition
- Production card profiles and batch process

NASA PIV Target Architecture

[Figure: architecture diagram; only its text labels survive.]

Legend:
- IDMAX – Identity Management and Account Exchange
- CIMS – Cyber Identity Management System
- PACS – Physical Access Control System
- LACS – Logical Access Control System

Labels in the diagram: CMS DB; IDMAX; NOCA Certificate Authority; OCSP; Employee Data; Certificates & Requests; Verification; Certificate; Employee Data, UUPIC; Smart Card; Contactless; Biometric Live Scan; Fargo Printer (w/ magstripe); Digital Camera; Enrollment / Finalization; Name, CHUID, Legacy Prox; ACL; PACS; Enrollment & Encoding Data; Locator; Center DB; HR; Account Authorization; PIV Events; NDC AD; CIMS; PKI; x.500; Enterprise LDAP; Biometric Server; CMS / BMS; BIO DB; PIV Services; LACS.