NASA Personal Identity Verification (PIV) High Level System Overview. Tice F. DeYoung, PhD. 14th Fed/Ed Workshop.


1 NASA Personal Identity Verification (PIV) High Level System Overview
Tice F. DeYoung, PhD
14th Fed/Ed Workshop, December 14, 2006

2 NASA PIV System Constraints
The NASA PIV System will meet the following constraints:
- Utilize the existing and evolving NASA networks
- Utilize the NASA Operational Certificate Authority (NOCA)
- Integrate with NASA authentication services; specifically those provided by the Agency Public Key Infrastructure (PKI), the Agency Enterprise Directory, and the Agency Active Directory
- Integrate with existing and evolving identity data management products, tools and processes, specifically those provided by the NASA Integrated Services Environment (NISE)
- Meet HIGH IT Security information categorization for Personal Identity and Authentication and Security Management
- Reflect guidance, direction, and requirements provided by the NASA Office of the Chief Information Officer (OCIO), NASA Office of Security and Program Protection (OSPP), OMB and NIST

3 NASA PIV Status
- NASA Operational CA (NOCA) Key Generation Ceremony completed 22 September ‘06
- PIV 1 process and PIV 2 compliance demonstrated with 27 October ‘06 cards issued to two people (Karen Petraska and Walter Hussey)
- Completed draft of PIV Design Document
- Completed Biometrics Requirements Document
- Completed Test Card Procurement; production card award in process
- Conducted successful PIV Preliminary Design Review (PDR), 15 November ‘06
- Received PDR comments; currently dispositioning them
- Complete biometrics Proof of Concept by 22 December ‘06

4 NASA PIV High Level Requirements
The NASA PIV System shall:
- Comply with FIPS 201 requirements for applicant enrollment, card production, and card issuance for Federal employees
- Create and store new identities for new NASA employees, contractors and partners
- Track information related to identity proofing documents, fingerprints, and background checks
- Issue a PIV-II compliant Smart Card badge that contains a PKI identity certificate and capability for optional PIV certificates
- Manage the issuance lifecycle for PIV-II compliant Smart Cards
- Flow information appropriately through interconnected NASA systems (AD, CIMS, CBACS)
- Produce NASA PIV cards for which CBACS is able to enable physical access control
- Provide NASA data via automated interface to Office of Personnel Management (OPM) and/or Federal Bureau of Investigation (FBI) in acceptable format
- Support commercial bulk printing of NASA PIV cards as well as Face-to-Face NASA PIV printing
- Within all subsystem components, meet NIST 800-53 HIGH controls

5 Issues
- Storage of fingerprints during PIV process??
- Requirements for number of certificates to be accommodated by data model and plan for implementation phasing??
- Interim versus final identity proofing and registration processes OPM questions (type 4 vs type 14, MOU, electronic links, etc.)
- Document verification
- Roles clarification (PIV process – FIPS 201, HR Desk Reference Guide, NASA OSPP processes and guidance, business architecture)
- Processes for badges that require physical/logical access for fewer than 180 days
- Training, change management and test strategy

6 Remaining Major Tasks
- Decision/Input Point for Batch versus F2F printing
- Finalizing production badge templates
- Complete Use Cases and processes for life cycle management for card holders and cards
- Key Management process between Oberthur and NASA
- Clarify CMS Card Identification Number (CIN)
- Complete Security Plan, Test Plan, Training Plan
- Complete Biometric Proof-of-Concept & procurement
- Workflow development and interface
- NOCA production transition
- Production card profiles and batch process

7 NASA PIV Target Architecture
[Architecture diagram; only its text labels survive in this transcript.]
Legend:
- IDMAX – Identity Management and Account Exchange
- CIMS – Cyber Identity Management System
- PACS – Physical Access Control System
- LACS – Logical Access Control System
Diagram labels: CMS DB; IDMAX; NOCA; Certificate Authority; OCSP; Employee Data; Certificates & Requests; Verification; Certificate; Employee Data, UUPIC; Smart Card; Contactless; Biometric Live Scan; Fargo Printer (w/ magstripe); Digital Camera; Enrollment / Finalization; Name, CHUID, Legacy Prox ACL; PACS; Enrollment & Encoding Data; Locator; Center DB; HR; Account Authorization; PIV Events; NDC AD; CIMS; PKI; x.500; Enterprise LDAP; Biometric Server; CMS / BMS; BIO DB; PIV Services; LACS

