Presentation is loading. Please wait.

Presentation is loading. Please wait.

IDENTITY ASSURANCE PROFILES AND FRAMEWORK DOCUMENTS: PEEK INTO PROPOSED FICAM CHANGES 12/12/12 1.

Published byAmanda Carroll Modified over 9 years ago

Similar presentations

Presentation on theme: "IDENTITY ASSURANCE PROFILES AND FRAMEWORK DOCUMENTS: PEEK INTO PROPOSED FICAM CHANGES 12/12/12 1."— Presentation transcript:

1 IDENTITY ASSURANCE PROFILES AND FRAMEWORK DOCUMENTS: PEEK INTO PROPOSED FICAM CHANGES 12/12/12 1

2 Topics Background Big pic Detailed pic 12/12/12 2

3 Program Basics: Documents Identity Assurance Assessment Framework Identity Assurance Profiles Bronze (NIST Level 1) Silver (NIST Level 2) Assurance Addendum to the Participation Agreement 3 12/12/12

4 Program Basics: Assurance Advisory Committee (AAC) What is the AAC, and what does it do? Represents stakeholders in the assurance process: IdPs, SPs, auditors Oversight for program Advisory to Steering Assess applications, recommend approval (or denial) to Steering Recommend changes to documents or program

5 Program Basics: Assurance Advisory Committee (AAC) Who is the AAC? Tim Cameron, National Student Clearinghouse (SP) Mary Dunker, Chair, Virginia Tech University (IdP) Steve Devoti, University of Wisconsin-Madison (IdP) 2 nd Auditor Jacob Farmer, Indiana University (member at large) Chris Holmes, Baylor University (InCommon Steering) Scott Koranda, University of Wisconsin-Milwaukee/LIGO (SP) Steve Kurncz, Michigan State University (auditor) Ann West, InCommon/Internet2 (InCommon staff) 12/12/12 5

6 Assurance Advisory Committee (AAC) Ex-Officio (non-voting) Marilyn McMillan, New York University (InCommon Steering) Tom Barton, University of Chicago (InCommon TAC) Renee Shuey, Penn State (InCommon TAC) Jack Suess, UMBC (InCommon Steering) For more information, visit http://www.incommon.org/assurance/aac.html 12/12/12 6

7 FICAM Trust Framework Providers Identity Credential and Access Management Subcommittee Federal CIO Council Information Security and Identity Management Committee Trust Framework Provider Adoption Process (2009) Comparability assessment 800-63 as basis for LoA requirements. Incorporates previous work done by the Feds as well under E-Authentication Initiative Privacy, organizational maturity, legal status, authority for InCommon and for InCommon to assess for IdP Operators Web SSO SAML2 Profile: Over the wire Trust Framework Providers InCommon, Kantara, OIX, Safe/BioPharma 12/12/12 7

8 InCommon’s History with FICAM 2009-2010 Spring - 1.0 begun review by FICAM. Community implememtatino begun. Fall - Refining of Silver begun due to community feedback 2011 Spring – 1.1 Reviewed and approved by community Fall – FICAM asks for Simplified Bronze. InCommon develops 1.2. 2012 Spring – 1.0 and InCommon fullly approved TFP. 1.2 reviewed and approved by community. InCommon submits1.2 to FICAM for their approval. Est. 2013 January – 1.2 approved by FICAM. 12/12/12 8

9 What’s the hold up? This is a new audit! Federal availability FICAM program evolving Negotiating on behalf of Higher Ed Changes reflected in 1.2 requires resubmission for the spec Big pic items 12/12/12 9

10 Alternative Means IAAF 1.1: “From time to time, InCommon may identify alternative means developed by experts from the Research & Higher Education sector as specifying means that are comparable or superior to identified requirements in one or more of its IAPs. “ Page 2: “Normative criteria to be used in an assessment process are expressed in separate Identity Assurance Profile and approved alternative means documents.” 12/12/12 10

11 Who’s Spec is it Anyway? Hot potato Time and Trust How do we evaluate these things? Who gets to say? Where will this show up? Authentication technologies: multifactor Cryptography: AD Silver Cookbook Identity proofing: knowledge-based 12/12/12 11

12 Other Big Pics: Where we are… Bronze audit and no-audit option Bronze and 4.2.4 Credential Issuance and Management Bronze and protection of PII Registration and Credential Records Retention – 7.5 years  Approved Algorithm – Alternative Means  Scope: Profiles are password only – Alternative Means 12/12/12 12

13 What’s Next? Develop Process for Alternative Means with Assurance Advisory Committee Continue discussion to work through a couple detailed questions Work on FICAM approval expected January 2013 Publish FICAM-approved spec for community review Announce implementation extravaganza and programs! 12/12/12 13

Download ppt "IDENTITY ASSURANCE PROFILES AND FRAMEWORK DOCUMENTS: PEEK INTO PROPOSED FICAM CHANGES 12/12/12 1."

Similar presentations

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
Bronze and Silver Identity Assurance Profiles for Technical Implementers Tom Barton Senior Director for Integration University of Chicago Jim Green Manager,

Bronze and Silver Identity Assurance Profiles for Technical Implementers Tom Barton Senior Director for Integration University of Chicago Jim Green Manager,
TFTM 01-06 Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, 2014 1-14-2014IDESG TFTM Committee1.

TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.
TIER – before, now and after If you do not talk this will be a very long hour because we can only repeat the same stuff for so long… 1.

TIER – before, now and after If you do not talk this will be a very long hour because we can only repeat the same stuff for so long… 1.
This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.

This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department of Commerce, National Institute of Standards.
Going for the Silver Winter 2010 CSG January 13, 2010.

Going for the Silver Winter 2010 CSG January 13, 2010.
Identity Assurance Profiles & Trust Federations David Bantz, U Alaska Tom Barton, U Chicago Ann West, Internet2 & InCommon David Bantz, U Alaska Tom Barton,

Identity Assurance Profiles & Trust Federations David Bantz, U Alaska Tom Barton, U Chicago Ann West, Internet2 & InCommon David Bantz, U Alaska Tom Barton,
InCommon Assurance Certification VA-SCAN October 3, 2013 Mary Dunker.

InCommon Assurance Certification VA-SCAN October 3, 2013 Mary Dunker.
Getting to Silver: Practical Matters for CIC Universities Tom Barton University of Chicago © 2009 The University of Chicago.

Getting to Silver: Practical Matters for CIC Universities Tom Barton University of Chicago © 2009 The University of Chicago.
EDUCAUSE Best Practices Build Better Systems Ann West, InCommon Dedra Chamberlin, UC Berkeley.

EDUCAUSE Best Practices Build Better Systems Ann West, InCommon Dedra Chamberlin, UC Berkeley.
Federated Identity, Shibboleth, and InCommon Tom Barton University of Chicago © 2009 The University of Chicago.

Federated Identity, Shibboleth, and InCommon Tom Barton University of Chicago © 2009 The University of Chicago.
Information Resources and Communications University of California, Office of the President UCTrust David Walker Office of the President University of California.

Information Resources and Communications University of California, Office of the President UCTrust David Walker Office of the President University of California.
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Mary Dunker Common Solutions Group January 12, 2010.

Mary Dunker Common Solutions Group January 12, 2010.

Similar presentations

Ads by Google