Presentation is loading. Please wait.

Presentation is loading. Please wait.

NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.

Published byCurtis Harrington Modified over 9 years ago

Similar presentations

Presentation on theme: "NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop."— Presentation transcript:

1 NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006

2 14th Fed/Ed Workshop 14 December ‘06 2 NASA PIV System Constraints  The NASA PIV System will meet the following constraints: Utilize the existing and evolving NASA networks Utilize the NASA Operational Certificate Authority (NOCA) Integrate with NASA authentication services; specifically those provided by the Agency Public Key Infrastructure (PKI), the Agency Enterprise Directory, and the Agency Active Directory Integrate with existing and evolving identity data management products, tools and processes, specifically those provided by the NASA Integrated Services Environment (NISE) Meet HIGH IT Security information categorization for Personal Identity and Authentication and Security Management Reflect guidance, direction, and requirements provided by the NASA Office of the Chief Information Officer (OCIO), NASA Office of Security and Program Protection (OSPP), OMB and NIST

3 14th Fed/Ed Workshop 14 December ‘06 3 NASA PIV Status  NASA Operational CA (NOCA) Key Generation Ceremony completed 22 September ‘06  PIV 1 process and PIV 2 compliance demonstrated with 27 October ‘06 cards issued to two people (Karen Petraska and Walter Hussey)  Completed draft of PIV Design Document  Completed Biometrics Requirements Document  Completed Test Card Procurement; production card award in process  Conducted successful PIV Preliminary Design Review (PDR), 15 November ‘06  Received PDR comments; currently dispositioning them  Complete biometrics Proof of Concept by 22 December ‘06

4 14th Fed/Ed Workshop 14 December ‘06 4 NASA PIV High Level Requirements The NASA PIV System shall: Comply with FIPS 201 requirements for applicant enrollment, card production, and card issuance for Federal employees Create and store new identities for new NASA employees, contractors and partners Track information related to identity proofing documents, fingerprints, and background checks Issue a PIV-II compliant Smart Card badge that contains a PKI identity certificate and capability for optional PIV certificates Manage the issuance lifecycle for PIV-II compliant Smart Cards Flow information appropriately through interconnected NASA systems (AD, CIMS, CBACS) Produce NASA PIV cards for which CBACS is able to enable physical access control Provide NASA data via automated interface to Office or Personnel Management (OPM) and/or Federal Bureau of Investigation (FBI) in acceptable format Support commercial bulk printing of NASA PIV cards as well as Face-to- Face NASA PIV printing Within all subsystem components, meet NIST 800-53 HIGH controls

5 14th Fed/Ed Workshop 14 December ‘06 5 Issues  Storage of fingerprints during PIV process??  Requirements for number of certificates to be accommodated by data model and plan for implementation phasing??  Interim versus final identity proofing and registration processes OPM questions (type 4 vs type 14, MOU, electronic links, etc.)  Document verification  Roles clarification (PIV process – FIPS 201, HR Desk Reference Guide, NASA OSPP processes and guidance, business architecture)  Processes for badges that require physical/logical access for fewer than 180 days  Training, change management and test strategy

6 14th Fed/Ed Workshop 14 December ‘06 6 Remaining Major Tasks  Decision/Input Point for Batch versus F2F printing  Finalizing production badge templates  Complete Use Cases and processes for life cycle management for card holders and cards  Key Management process between Oberthur and NASA  Clarify CMS Card Identification Number (CIN)  Complete Security Plan, Test Plan, Training Plan  Complete Biometric Proof-of-Concept & procurement  Workflow development and interface  NOCA production transition  Production card profiles and batch process

7 14th Fed/Ed Workshop 14 December ‘06 7 IDMAX – Identity Management and Account Exchange CIMS – Cyber Identity Management System NASA PIV Target Architecture NASA PIV Target Architecture CMS DB IDMAX NOCA Certificate Authority Certificate Authority OCSP Employee Data Certificates & Requests Verification Certificate Employee Data, UUPIC Smart Card Contactless Biometric Live Scan Fargo Printer (w/ magstripe) Digital Camera Enrollment / Finalization Enrollment / Finalization Name, CHUID, Legacy Prox ACL PACS Enrollment & Encoding Data Locator Center DB HR Account Authorization PIV Events PACS – Physical Access Control System LACS – Logical Access Control System NDC AD CIMS PKI x.500 Enterprise LDAP Biometric Server CMS / BMS BIO DB PIV Services PIV Services Employee Data, UUPIC LACS

Download ppt "NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop."

Similar presentations

HiPath SIcurity Card Manager Smartcard Management and Personalization System Sales Presentation.

HiPath SIcurity Card Manager Smartcard Management and Personalization System Sales Presentation.
For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.
June 27, 2005 Preparing your Implementation Plan.

June 27, 2005 Preparing your Implementation Plan.
FIPS 201 Framework: Special Pubs 800-73,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.

FIPS 201 Framework: Special Pubs ,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.
Mobile Devices in the DoD

Mobile Devices in the DoD
Brian Epley, VA PIV Program Manager

Brian Epley, VA PIV Program Manager
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
15June’061 NASA’s PKI Migration to Treasury 13th Fed-Ed Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA’s PKI Migration to Treasury 13th Fed-Ed Meeting 15 June ‘06 Presenter: Tice DeYoung.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.

1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.
Public Key Infrastructure (PKI) Hosting Services.

Public Key Infrastructure (PKI) Hosting Services.
Department of Health and Human Services Personal Identity Verification Training APPLICANT.

Department of Health and Human Services Personal Identity Verification Training APPLICANT.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.

NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.
U.S. Department of Agriculture HSPD 12 Program HSPD 12 Personal Identity Verification (PIV) I Core Training: Issuers.

U.S. Department of Agriculture HSPD 12 Program HSPD 12 Personal Identity Verification (PIV) I Core Training: Issuers.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
United States DoD Public Key Infrastructure: Deploying the PKI Token

United States DoD Public Key Infrastructure: Deploying the PKI Token
“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)
Department of Labor HSPD-12

Department of Labor HSPD-12

Similar presentations

Ads by Google