GFIPM FICAM Status Update GFIPM Delivery Team Meeting November 2011.

Slides:

Advertisements

Similar presentations

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Advertisements

1 1 GFIPM Enabling Federated Identity and Single Sign-on John Ruegg LA County Information Systems Advisory Body June 11, 2014.

TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.

This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.

Paul D. Grant Special Assistant, Federated Identity Management and External Partnering Office of the DoD CIO Co-Chair, Identity, Credential.

CLARIN and the DSA Paul Trilsbeek The Language Archive Max Planck Institute for Psycholinguistics.

Step-up Authentication as-a Service Pieter van der Meulen Technical Product Manager.

TFTM Sub-Committee What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, IDESG TFTM Committee1.

Componentization of FICAM TFS into Trustmarks Sample FICAM Trustmark Definition Overview of Trustmark Issuance and Binding Agenda.

John Wandelt Mar National Information Sharing and Safeguarding How can the ISE support? Reduce information sharing frictionReduce information sharing.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

A View into the Mi$t 1 RL "Bob" Morgan University of Washington Co-chair, InCommon Technical Advisory Committee.

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

1 Enabling Open Government Using the OIDF/ICF Open Trust Framework OASIS Identity Management 2009 September 29, 2009 Don Thibeau, ED, OpenID Foundation.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.

1 Trust Framework Portable Identity Schemes Trust Framework Portable Identity Schemes NIH iTrust Forum December 10, 2009 Chris Louden.

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

NIH iTrust Peter Alterman/Debbie Bucci National Institutes of Health October 2010.

GFIPM Web Services Implementation Status Update GFIPM Delivery Team Meeting November 2011.

GFIPM Deliverables Overview GFIPM Delivery Team Meeting November 2011.

GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.

This presentation was prepared by Georgia Tech Research Institute using Federal funds under award 70NANB13H189 from National Institute of Standards and.

FIM-ig Federated Identity Management Interest Group.

Policy, Trust and Technology Mitigating Risk in the Digital World David L. Wasley Camp 2006 © David L. Wasley, 2006.

Global Federated Identity & Privilege Management GFIPM John Ruegg, Director LA County ISAB United States Department of Justice.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.

TFTM Interim Trust Mark/Listing Approach Paper Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities.

InCommon Michigan State Common Solutions Group, January 2011 Matt Kolb

Requirements Development & Template Presentation to All Chairs 8/12/2014.

Interfederation RL “Bob” Morgan University of Washington and Internet2 Digital ID World 2005 San Francisco.

Identity Management Report By Jean Carreon and Marlon Gonzales.

GFIPM Metadata Status Update GFIPM Delivery Team Meeting November 2011.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.

TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.

IDENTITY ASSURANCE PROFILES AND FRAMEWORK DOCUMENTS: PEEK INTO PROPOSED FICAM CHANGES 12/12/12 1.

A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.

TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.

Enforcement mechanisms for distributed authorization across domains in UMA – aka “UMA trust” Eve Maler | 22 Aug 2012 draft.

Identity Assurance: When it Matters David L. Wasley Internet2 / InCommon.

Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science.

Navigating the Standards Landscape Andrew Owen SEARCH.

Shibboleth Update Eleventh Federal & Higher Education PKI Coordination Meeting (Fed/Ed Thursday, June 16, 2005.

Cybersecurity : Optimal Approach for PSAPs

Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.

The UK Access Management Federation John Chapman Project Adviser – Becta.

Status Update on Other GFIPM Activity Threads GFIPM Delivery Team Meeting November 2011.

Identity Federations: Here and Now David L. Wasley Thomas Lenggenhager Peter Alterman John Krienke.

EGovernment Commonalities within Europe and beyond Colin Wallis & Fulup Ar Foll European Identity Conference 2011.

Don Thibeau, Executive Director, OpenID Foundation (OIDF) Drummond Reed, Executive Director, Information Card Foundation (ICF)

REFEDS. Rome, October 2009 Attribute space: LoAs, aggregation and reputation.

Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010

Security and Privacy for the Smart Grid James Bryce Clark, OASIS Robert Griffin, RSA Hal Lockhart, Oracle.

Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.

Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

The Venn of Levels RL “Bob” Morgan, University of Washington / Internet2 / InCommon TERENA/Refeds, October 2009 Rome, IT.

EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.

Shibboleth Roadmap

Higher Education’s Role in the Identity Ecosystem

Technical Approach Chris Louden Enspier

Appropriate Access InCommon Identity Assurance Profiles

Presentation transcript:

GFIPM FICAM Status Update GFIPM Delivery Team Meeting November 2011

What is FICAM? PersonsNon-Persons Logical Access Physical Access

PIV Credentials PIV- Interoperable Credentials Open Solutions - OpenID - iCard - SAML - WSFed - Etc. U.S. Federal PKI Trust Frameworks ICAM Identity Assurance Governance

FICAM Relation to GFIPM FICAM/GFIPM: – GFIPM can gain wider adoption of standards by conforming to FICAM framework Involves mostly minor changes to GFIPM specs Already identified required changes FICAM/NIEF: – NIEF can grow in size and scope by becoming a FICAM Trust Framework Provider (TFP) Requires GFIPM changes as a prerequisite

FICAM Trust Framework Provider Adoption Process (TFPAP) FICAM structure includes “Trust Framework Providers” (TFPs) TFP Adoption Process – Defines criteria for becoming a TFP – Criteria differ by NIST LOA Several TFPs adopted – Includes InCommon, others – None at NIST LOA-3 yet

NIEF Adoption as FICAM TFP: History and Current Status “FICAM TFP Self-Assessment for NIEF” – Document written by GTRI in Summer 2011 – Lays out six (6) steps required for TFP adoption See next slide – Reviewed by FICAM reps w/ positive feedback – Available for review Next Step: Begin working through the steps – Timeline is TBD (Funding?)

Steps for NIEF TFP Adoption (1-3) 1.Make minor alterations to the GFIPM Web Browser User-to- System Profile, and adopt it for use by NIEF IDPs and SPs. – Must conform to FICAM SAML Profile. 2.Adopt a more clearly defined set of requirements regarding IDP assertion of identities at NIST LOA 2 and LOA 3 as defined in NIST Special Publication – Draft policy language already written. 3.Adopt a new set of policies regarding IDP and SP compliance with FICAM policies to protect the privacy of end-user data. Source: “FICAM TFP Self-Assessment for NIEF”

Steps for NIEF TFP Adoption (4-6) 4.Develop appropriate frameworks and procedures to facilitate audits of both the NIEF Center and NIEF IDPs for compliance with applicable policies. – Could entail significant cost. 5.Extend the GFIPM Metadata Spec to include a new entity attribute to express the maximum NIST LOA (or to list all LOAs) at which an IDP may assert identities. 6.Formally submit a FICAM TFP Assessment Package, and work with the FICAM Assessment Team as needed during the assessment process. Source: “FICAM TFP Self-Assessment for NIEF”