16 June ‘04Fed/ED1 Filling the FPKI Void Tice F. DeYoung Fed/ED 16 June ‘04.

Slides:

Advertisements

Similar presentations

Policy development workshop The role and characteristics of appropriate supportive policy within Bandwidth Management and Optimisation (BMO)

Advertisements

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Federal PKI Architecture Update

PKI services in the Public Sector of the EU Member States Objectives and Methodology of the survey Prof. Sokratis K. Katsikas University of the Aegean,

The U.S. Federal PKI Richard Guida, P.E. Chair, Federal PKI Steering Committee Chief Information Officers Council

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

15June’061 NASA’s PKI Migration to Treasury 13th Fed-Ed Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

<<Date>><<SDLC Phase>>

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed June 2005.

The U.S. Federal PKI and the Federal Bridge Certification Authority

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Developing a Records & Information Retention & Disposition Program:

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress July 2004 Dartmouth PKI Summit.

Richard Guida, P.E. Member, Government Information Technology Services Board Chair, Federal PKI Steering Committee

Presentation to CAREGROUP Board of Directors Governing Your Networked IT Organization Ken Peffers Applicable IT Research, Inc. November 21, 2002.

UCLA Campus Wireless Pilot Initiative Update for ITPB 10/25/01.

BASIC PRINCIPLES IN OCCUPATIONAL HYGIENE Day CAREERS IN OCCUPATIONAL HYGIENE.

HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.

The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee.

The U.S. Federal PKI, 2004: Report to EDUCAUSE Peter Alterman, Ph.D. Assistant CIO for E-Authentication National Institutes of Health.

Public Key Infrastructure Ammar Hasayen ….

Best Practices Working Group June 19-21, 2001 Munich, Germany.

Implementing Security Education, Training, and Awareness Programs

Compliance with the WTO Technical Barriers to Trade Agreement and Steps Toward Developing Good Regulatory Practices Bryan O’Byrne Trade Compliance Center.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

NENA Development Conference | October 2014 | Orlando, Florida Security Certificates Between i3 ESInet’s and FE’s Nate Wilcox Emergicom, LLC Brian Rosen.

SALSA-NetAuth Joint Techs Vancouver, BC July 2005.

The evidence base for your Neighbourhood Plan Clive Keble MRTPI Planning Aid England Advisor.

The Evolving U.S. Federal PKI Richard Guida Chair, Federal PKI Steering Committee Federal Chief Information Officers Council

Supervision of Information Security and Technology Risk Barbara Yelcich, Federal Reserve Bank of New York Presentation to the World Bank September 10,

HEPKI-PAG Policy Activities Group David L. Wasley University of California.

1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

Engineering Essential Characteristics Security Engineering Process Overview.

Federal and State PKI Bridge Evolution: Cutting Across Stovepipes EDUCAUSE 2000 October 12th, 2000.

PKI and the U.S. Federal E- Authentication Architecture Peter Alterman, Ph.D. Assistant CIO for e-Authentication National Institutes of Health Internet2.

The Federal Bridge A Brief Overview 1. 4BF Industry Forum April Fed PKI: View from 20,000 km FBCA C4 Common Policy CA (HSPD-12) CertiPath SSPs.

By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.

The Federal PKI Or, How to Herd Worms Peter Alterman Senior Advisor, Federal PKI Steering Committee.

PKI Summit August 2004 Technical Issues to Deploying PKI on Campuses.

Draft Policy Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors 59.

The Evolving Federal PKI Gary Moore Entrust Technologies Richard Guida Chair, Federal PKI Steering Committee.

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Systems Engineering “Understanding Where it Fits in Your Agency” a session in fhwa’s Systems Engineering t3 series aug. 02, 2007.

© 2015 Kilpatrick Townsend November 5-6, 2015 Tribal In-House Counsel Association Inaugural Conference Keynote Address Venus McGhee Prince.

6 Steps for Resolving Conflicts STEP 1. Begin the Process Calmly approach the person you are having the conflict with, and explain to them that you have.

HEBCA – The Operating Authority July 2005 Dartmouth PKI Summit.

State Telecommuting Program July 27, History of the Program State Pilot Program began in 1990 Expanded to allow all agencies to participate in.

Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council

Audit – Consultation – Ethics & Compliance – Enterprise Risk Management – Investigations Office of Internal Audit and Compliance Best Practices for Protecting.

Is Vendor Management The New Risk Management? Douglas DeGrote.

Session 2: Board-Staff Relations Margaret Prest Santa Barbara Student Housing Cooperative NASCO Staff and Managers Conference San Francisco, CA February.

Determinations / verifications under JI – Experience to date UNFCCC Technical Workshop on Joint Implementation Bonn, February 13 th, 2007 For the benefit.

Interoperability and the Evolving Federal PKI Richard Guida, P.E. Member, Government Information Technology Services Board Chair, Federal PKI Steering.

1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.

L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.

Law Firm Data Security: What In-house Counsel Need to Know

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

David L. Wasley Spring 2006 I2MM

Analytical Paper 9 June 2015.

Presentation transcript:

16 June ‘04Fed/ED1 Filling the FPKI Void Tice F. DeYoung Fed/ED 16 June ‘04

Fed/ED2 Void, What Void? Two extremes in the Federal PKI Space –FPKI Policy Authority (FPKI-PA) High level policy wonks CPWG to map policy compliance –FBCA Operational Authority (FBCA-OA) Low level bit twiddlers FBCA TWG for FBCA specific issues Nothing between these two areas –QED, a void in the middle

16 June ‘04Fed/ED3 How to Fill the Void Need an FPKI group that sits below the high level policy wonks and above the bit twiddlers –A group that will Answer agencies questions about PKI Discuss technical issues and future directions in FPKI Host a FAQ list about PKI with answers and how to dos –A group that will act As a mentor to other agencies As an intelligent clearing house –A group that will tackle the inter-agency issues associated with public key infrastructure Tries to solve the issue of public encryption keys for addressees outside their own agency Looks at the issue of full path discovery and validation for every transaction

16 June ‘04Fed/ED4 What Questions About PKI? How do they go about implementing PKI? –What is PKI and who are the vendors? –Do they do it themselves or outsource it to another US Government Agency or ACES vendor or a Shared Service Provicer (SSP)? If they outsource it, do they –archive the keys themselves or outsource it? –provide the Registration Authority or do they outsource the function? –participate in any of the management function or not? If they want to do it themselves, can they justify it? –Specific reasons that they must maintain control of their PKI –Business case that in-house is more cost effective

16 June ‘04Fed/ED5 Mentor and Clearinghouse, How? Provide a safe haven where they won’t feel foolish –A place where they will be welcomed as equals –A place where people don’t have ulterior motives (for the most part) –A place where they will get the help they need Provide a clearinghouse for PKI –Prevent re-inventing the PKI wheel, yet again –Share war stories –Share documents –Share ideas

16 June ‘04Fed/ED6 What FBCA Discussions? Technical issues –Should the FBCA expand beyond CRLs only? OCSPSCVP XKMSOthers? –How do we solve the bridge to bridge to bridge problem? Meta bridge?God like trust anchor? Trusted bridge cloud or axle? –Should we look at new architectures for the FBCA? –Are there newer technologies that are better? Future Directions for FPKI

16 June ‘04Fed/ED7 What Inter-Agency Issues? Current system doesn’t support retrieving public encryption keys from outside your own agency –Why not? –Can it be made to? Full path discovery and validation for every transaction –Is it necessary? –Are there secure alternatives? Time out issues, are they inherent in the system?

16 June ‘04Fed/ED8 Still Not Convinced? Current FPKI-PA and FBCA-OA folks May Not Have the Time or the Inclination to Take on More Responsibilities Current FPKI-PA and FBCA-OA Don’t Necessarily Have the Right People for the Job –Policy wonks may not know technical implications –Bit twiddlers may not know policy implications Need a group that can speak policy & technical jargon Vendors are in the Business of Making $$ –USG has to be aware of its options –Vendors will gladly sell you something, even if it may not be the right thing How will agencies know the difference?

16 June ‘04Fed/ED9 Where Will It Fit & How Will it Function? The FPKI AdHoc Working Group (FPKI-AHWG) may be a working group of the FPKI-PA The FPKI-AHWG may be a special US Government employees only session of the FPKI-TWG It will in either case report to the FPKI-PA on technical & policy issues It will advise the FPKI-PA on policy matters that have technical implications It will advise the FBCA-OA on technical matters that may have policy implications The group will be comprised of USG agencies cross-certified with the FBCA –Special technical and policy experts will be brought in as needed

16 June ‘04Fed/ED10 Additional Stuff, Thanks to Steve Roberts, DoJ PKI Within this group, things that are needed by all agencies could be worked to provide things like: –Necessary FPKI Architecture adjustment recommendations and future direction; –Architecture Value Reporting for Federal Agencies; –Agency Service Option Assessments that help agencies select an appropriate service (e.g., ACES, SSPs, Outsourced, etc.); –Develop Personnel Position Description for PKI Trusted Roles, RA functions, Help Desk responsibilities, etc.; –Federal Archive Recommendations; –Report on the status of PKI deployments Federal Government wide; –Document/Collect Lessons Learned; –Third Party and Trusted "sounding board" for evaluating vendor proposals and recommendations;

16 June ‘04Fed/ED11 Discussion Questions, Comments, Slings & Arrows?