Presentation is loading. Please wait.

Presentation is loading. Please wait.

EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.

Similar presentations


Presentation on theme: "EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005."— Presentation transcript:

1 eAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005

2 eAuthentication Background HSPD-12 ● Mandates of federal agencies to issue ID credentials using FIPS-201 identity proofing procedures beginning October 2005 ● Mandates all federal agencies begin issuing SmartCards with Medium assurance digital certs by October 2006

3 eAuthentication Program ● Provide a single source of identity authentication for federal agency applications – NSF’s FastLane grant application and communication package ● To develop and promulgate policies and procedures to sustain a common identity federation for the federal government in support of eGov ● Burton Group report http://www.cio.gov/eauthentication/documents/BurtonGroupEAreport.pdf

4 Summary of eAuthentication Approach Four levels of assurance (LOA)  LOA 1 and 2 are assertion-based – such as userid/password, SAML, Shibboleth  LOA 3 and 4 are cryptographically-based – such as PKI  LOA level required to be based on Risk Assessment

5 Summary of eAuthentication Approach Agency Applications Agency Applications (resource provider) determine their own authorization requirements Rely on credentials issued by external Credential Service Providers who submit to an assessment based on a Credential Assessment Framework – CAF’ing

6 Credential Assessment Framework Create a federated circle of trust A structured methodology and procedure for evaluating the LOA of a Credential Service Provider’s (CSP) credentials An assessment team visits and evaluates the CSP A process for conflict resolution established

7 Federation Interoperability Interfederation Interoperability Work Group InCommon Use Shibboleth middleware technical protocols “Policy” light E-Authentication US Identity Federation Use a variety of technical protocols Policy intensive

8 Federation Interoperability Proof of Concept Technical interoperability of identity credentials and utilities has been demonstrated Production level interoperability is built into Shibboleth 1.3 beta Credential assessment of 4 Universities

9 Resources E-Authentication home http://www.cio.gov/eauthentication NIST http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63v6_3_3.pdf E-Authentication Credential Assessment Suite http://www.cio.gov/eauthentication/CredSuite.htm Credential Assessment Framework http://www.cio.gov/eauthentication/documents/CAF.pdf


Download ppt "EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005."

Similar presentations


Ads by Google