NIH Policy Manual 2811 Policy on Smart Card Authentication iTrust Forum Mark L. Silverman December 10, 2009


Page 2: HSPD-12
Homeland Security Presidential Directive 12
– Issue smart card ID badges, known as personal identity verification (PIV) cards
– PIV cards must be used to obtain logical access to IT systems and physical access to facilities
All NIH staff will have PIV cards by June 2010.
The smart card authentication policy provides the framework and timeline for NIH to satisfy the logical access requirements of HSPD-12.

Page 3: Purchase Smart Card Readers
Enable staff to use their PIV cards by requiring NIH computers to support them.
– New computer purchases must include smart card readers in accordance with HHS policy
– All NIH-networked desktops, laptops and servers to have readers by December 31, 2010
– NITAAC pre-competed the purchase of USB smart card readers; ICs can acquire them under ECS III

Page 4: Accept Smart Cards
Enable use of PIV cards for logical access by requiring NIH systems to accept them.
– Applications that use NIH Login must be capable of accepting smart cards by May 30, 2010
– Networked desktops, laptops and servers to support smart card logon by December 31, 2010
– Currently supported by NIH Windows systems

Page 5: Use Smart Cards
Enable NIH to comply with Federal IT security requirements by requiring smart card logon on systems where the use of passwords is not permitted.
– Smart cards shall be used to log in to sensitive systems by December 31, 2010
– Smart cards shall be used to log in to laptops by May 30, 2011

Page 6: Policy Exceptions
Policy does NOT apply where not practicable.
– Smart card use is not required on systems that cannot support it (e.g., PDAs, stand-alone systems) or where it would inhibit the operation of the system (e.g., medical equipment)
– Passwords may still be used on less sensitive systems, as permitted by NIST

Page 7: Smart Card Resources
– Information about smart cards, readers, policy, etc.
– User and diagnostic guides
  Windows, Macintosh, Linux and Unix
  Authentication, digital signatures and encrypted
  Currently being created by Smart Card Support Project
Subscribe to smartcard-l
– Intended for technical support staff
– Announcements
– Technical issues/solutions

Page 8: Conclusion
– NIH Staff are getting smart cards!
– Computers must have readers and middleware!
– Applications that use NIH Login must be able to accept smart cards!
– Smart cards must be used to access sensitive systems.
– If it cannot be done, it is not required!