NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.

1 NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD
14th Fed/Ed Workshop December 14, 2006

2 NASA PIV System Constraints
The NASA PIV System will meet the following constraints:
- Utilize the existing and evolving NASA networks
- Utilize the NASA Operational Certificate Authority (NOCA)
- Integrate with NASA authentication services; specifically those provided by the Agency Public Key Infrastructure (PKI), the Agency Enterprise Directory, and the Agency Active Directory
- Integrate with existing and evolving identity data management products, tools and processes, specifically those provided by the NASA Integrated Services Environment (NISE)
- Meet HIGH IT Security information categorization for Personal Identity and Authentication and Security Management
- Reflect guidance, direction, and requirements provided by the NASA Office of the Chief Information Officer (OCIO), NASA Office of Security and Program Protection (OSPP), OMB and NIST

3 NASA PIV Status
- NASA Operational CA (NOCA) Key Generation Ceremony completed 22 September '06
- PIV 1 process and PIV 2 compliance demonstrated 27 October '06 with cards issued to two people (Karen Petraska and Walter Hussey)
- Completed draft of PIV Design Document
- Completed Biometrics Requirements Document
- Completed Test Card Procurement; production card award in process
- Conducted successful PIV Preliminary Design Review (PDR), 15 November '06
- Received PDR comments; currently dispositioning them
- Complete biometrics Proof of Concept by 22 December '06

4 NASA PIV High Level Requirements
The NASA PIV System shall:
- Comply with FIPS 201 requirements for applicant enrollment, card production, and card issuance for Federal employees
- Create and store new identities for new NASA employees, contractors and partners
- Track information related to identity proofing documents, fingerprints, and background checks
- Issue a PIV-II compliant Smart Card badge that contains a PKI identity certificate and capability for optional PIV certificates
- Manage the issuance lifecycle for PIV-II compliant Smart Cards
- Flow information appropriately through interconnected NASA systems (AD, CIMS, CBACS)
- Produce NASA PIV cards for which CBACS is able to enable physical access control
- Provide NASA data via automated interface to Office of Personnel Management (OPM) and/or Federal Bureau of Investigation (FBI) in acceptable format
- Support commercial bulk printing of NASA PIV cards as well as Face-to-Face NASA PIV printing
- Within all subsystem components, meet NIST HIGH controls

5 Issues
- Storage of fingerprints during PIV process??
- Requirements for number of certificates to be accommodated by data model and plan for implementation phasing??
- Interim versus final identity proofing and registration processes
- OPM questions (type 4 vs type 14, MOU, electronic links, etc.)
- Document verification
- Roles clarification (PIV process – FIPS 201, HR Desk Reference Guide, NASA OSPP processes and guidance, business architecture)
- Processes for badges that require physical/logical access for fewer than 180 days
- Training, change management and test strategy

6 Remaining Major Tasks
- Decision/Input Point for Batch versus F2F printing
- Finalizing production badge templates
- Complete Use Cases and processes for life cycle management for card holders and cards
- Key Management process between Oberthur and NASA
- Clarify CMS Card Identification Number (CIN)
- Complete Security Plan, Test Plan, Training Plan
- Complete Biometric Proof-of-Concept & procurement
- Workflow development and interface
- NOCA production transition
- Production card profiles and batch process

7 NASA PIV Target Architecture
[Architecture diagram not reproduced. Labels in the diagram include: CMS DB, IDMAX, NOCA Certificate Authority, OCSP, Smart Card, Biometric Live Scan, Fargo Printer (w/ magstripe), Digital Camera, Enrollment / Finalization, PACS, LACS, NDC AD, CIMS, PKI, x.500, Enterprise LDAP Server, CMS / BMS, BIO DB, PIV Services.]
Legend:
- PACS – Physical Access Control System
- LACS – Logical Access Control System
- IDMAX – Identity Management and Account Exchange
- CIMS – Cyber Identity Management System
