1. National Institutes of Health Interfederation Initiatives Peter Alterman, Ph.D. Assistant CIO for e-Authentication

2. 2 NIH Interfederation Goals Trust credentials issued by business partners at known Levels of Assurance Lower costs to all Simplify transactions for customers

3. 3 NIH Interfederation Process 1.Identify need (internal and/or external process) 2.Engage Policy Mapping with Candidate Federations 3.Engage Technical Interoperability Testing with Candidate Federations 4.Draft and sign MOAs (yes, the lawyers) 5.Regular reviews

4. 4 NIH Service Provider Architecture NIH SSO Level 1 apps Level 2 apps Level 3 apps Level 4 apps NIH SSO CSP validationFed PKI validation Local AuthZ Local AuthZ Local AuthZ Local AuthZ Level 3 apps

5. 5 Federated Credential Validation Model NIH SSO End user credential Userid/passwords Validated @ issuer Parse credential Digital certificates validated directly @ CA Digital certificates validated via Federal PKI Architecture Issuer known/trusted? Reject no SAML assertions Validated @ issuer yes

6. 6 Who Does NIH SSO Trust Now … and How Much? InCommon Member users: 1 (2 pending) U Tx Sys Adm PKI end users 2 All Feds And Contractors w/ HSPD-12 creds 3 & 4 End Users with PKI creds from FPKI xcert CAs 3 & 4 End Users with Grants.gov Userid/pswd 2 End Users with eAuth creds 1 & 2 Users with NIH AD Accounts 3

7. 7 Federated Online Apps – Phase I NCI Tumor Microenvironment Network TMEN eRA Fed PKI Policy Authority Doc Mgt Sys HSPD-12 NIH Communication Officers Network Firebird Departmental Systems (cross-Operating Divisions) NIAID Training caBIG/caGrid NIH Library NCRR Grant Reporting System NICHD Clinical reporting system Level 1 appsLevel 2 appsLevel 3 appsLevel 4 apps

8. 8 Questions?

9. 9 U.S. Federal Trust Mapping E-Auth Level 1 E-Auth Level 2 E-Auth Level 3 E-Auth Level 4 FPKI Rudimentary; C4 FPKI Medium/HW & Medium/HW-cbp FPKI Basic FPKI Medium & Medium-cbp FPKI High (governments only) HSPD-12- compatible HSPD-12- compatible FRAC, TWIC, ACIS