Leveraging the LincPass in USDA

Size: px
Start display at page:

Download "Leveraging the LincPass in USDA"

Transcription

1 Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010

2 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass (USDA s FIPS-201 compliant PIV card) for more than just identity Two-Factor Authentication First rolled out for laptop users, then to desktop computers Uses the LincPass+PIN to authenticate to Agency domains (and soon for physical access) Integration with USDA eauthentication Digital Signature Uses the digital signature certificate on the LincPass Enables users to digitally sign documents (e.g., PDFs, Word docs, etc.) and s Working with Agencies to streamline processes to take advantage of digital signatures and reduce paper shuffling Working with application developers and COTS providers to make use of LincPass digital signature capabilities

3 Innovations & Operational Architecture (IOA) Selection & Rollout Business Requirements Analysis Direct Select Governance Measure Control Portfolio Selection C o m m Brief Version Roadmap Version Architecture Version Project Plan Version IOA Mission: Provide USDA-wide direction to identify, architect, and implement emerging technologies and solutions in a timely manner to enhance the delivery and quality of business. Agency Input Federal Input Policy & Regulation Industry Trends Emerging Technologies FEA/FSAM Input Baseline Business Architecture Portfolio Assessment Baseline IT Architecture Business Requirements Analysis Direct Select Governance Measure Control Portfolio Selection m u ni c at C o m municat Gap Analysis i o n Brief Version Roadmap Version Architecture Version Project Plan Version Agency Input Federal Input Policy & Regulation Industry Trends Emerging Technologies FEA/FSAM Input Baseline Business Architecture Portfolio Assessment Baseline IT Architecture u ni c at C o m m u ni c at Gap Analysis Project Charter Preliminary Scope Statement i on Initiate Business Cases Deliverable List (WBS) Identify Stakeholders Develop Use Cases Requirements Specification Detailed Process Maps Business Case Version Plan Communication Plan Marketing Plan Risk Management Plan Quality Plan Project Plan Test Plan Training Plan Help Desk Plan Transition Plan Procurement Plan Project Governance Roadmap Version Execute Direct & manage completion of deliverables Interaction, direction, and coordination with implementation team C o m m u n i c a t i o n s Architecture Version Transfer Implement Transition Plan Deliver Operations Guide Operational Governance: Quality Control & Change Control Project Plan Plan Version Methodology Business need drives solution selection Project plans include design, testing & proof of concept (pilot), marketing, funding plans, and ownership agreements Rollout plans involve proactive engagement of agency leadership, technical staff, training and help desk staff, and users 7

4 Next Projects for LincPass Utilization Enterprise VPN Enables remote access to USDA networks Employs network admission control policies to ensure both the user and the device are authorized Remote access to USDA networks requires two-factor user authentication, and the Enterprise VPN leverages the LincPass credential to meet this requirement eauthentication Single Sign-On USDA s eauthentication Service (key component of the USDA Identity, Credential, and Access Management (ICAM) vision) provides common authentication and single sign-on services for over 300 USDA Web-based applications Level 1, 2, or 3 accounts have been issued to over 300,000 USDA employees, contractors, and external customers Will be leveraging the USDA LincPass as a level 3 credential for USDA employees and contractors, resulting in single signon for those users 8

5 Status: Enterprise VPN Initial Project Scope Implement a common remote network access solution for all USDA sub-agencies Implement enterprise-wide network admission control and endpoint health policies Leverage the LincPass to ensure two-factor user authentication USDA Pilot Agencies: Farm Service Agency Natural Resources and Conservation Service Rural Development Agencies (Rural Housing Service, Rural Utilities Service, Rural Business-Cooperative Service) Food and Nutrition Service Project Status Completed enterprise infrastructure deployment Completed user acceptance testing and integration with the LincPass Executing agency pilots Planning for full agency deployments Initiate Plan Execute Transfer C o m m u n i c a t i o n s Benefits: Two-factor user authentication for remote network access Network admission control and endpoint health monitoring Tight integration with USDA s Identity, Credential and Access Management (ICAM) solution Automated monitoring, auditing, and reporting capability to meet FISMA and A-123 requirements Compliance with NIST and Departmental policies on remote network access 9

6 Status: eauthentication Single Sign-On Initial Project Scope Expand eauthentication Service to leverage the LincPass as a level 4 assurance credential Use the HSPD-12 PIV-1 background investigation process to improve identity proofing Project Status Completed solution development and testing Planning for initial agency pilot Schedule full Department deployment Initiate Plan Execute Transfer C o m m u n i c a t i o n s Benefits: LincPass integrated Increased security level access based on Two Factor Authentication Improved user experience Reduces number of ID and Password credentials you have to remember Reduced department helpdesk workload (password resets, forgotten user ID s, etc.) Single credential for both LACS & PACS Leveraging the LincPass in USDA for authentication, digital signing, and in the future encryption 10

7 Status of Digital Signatures Project Initial Project Scope Adobe Acrobat files and forms Versions 8 & 9 Microsoft Office (Word, Excel, PowerPoint) Versions 2003 & 3007 Microsoft Outlook Versions 2003 & 2007 USDA Pilot Agencies: OES... Federal Register Publishing. Business process under review & approval. APHIS... Forms Integration Project development in research and planning. FS.. FMMI & Paycheck8... Project in technical development & roll out planning. OASCR.. General Document Mgmt.. Reviewing current business processes for integration. ARS Application Integration.. Reviewing current applications for integration. OCIO.. AAR Management / Submission. Business process under review for update and approval. Project Status Completed proof of functionality, QA, and pilot rollout on Adobe and Microsoft products Completed project planning, rollout methodology, and processes Initiate Completed all documentation and training materials Plan Feb. 2010: Distribute communication to Agency CIOs on Digital Signatures. Execute March 2010: Developing policy with OCIO Cyber Security and OGC. Transfer Benefits: LincPass integrated Assurance that the information has not been altered since it was sent Provides a digital signature certificate that can be used for a non-repudiable digital signature Verification of the signer's digital identity Efficient, time saving, cost reducing alternative to wet ink signature 11 C o m m u n i c a t i o n s

8 Education at USDA Electronic vs. Digital Signatures The Digital Signature project helps Agencies implement digital signatures using the USDA LincPass Number 1 obstacle: Agencies don t understand the difference between electronic signatures and digital signatures (and vendors sometimes muddy the waters) USDA s LincPass provides a digital signature certificate that can be used for a non-repudiable digital signature Digital Signature 12

9 What is Non-Repudiation? Non-repudiation : Countering a claim that the signature is unauthorized or has no binding force Two common claims of repudiation: Not me Not what I signed A non-repudiable signature offers reasonable assurance that it was the person signing, and the file/record/ transaction is unchanged from when it was signed 13

10 What is an Electronic Signature? Electronic Signature : A token (sound, symbol, process) logically associated with an electronic record with intent to sign the record Example: A travel tracking system with a user ID/password access requires a manager click a button labeled Digital Signature to approve travel for her staff. Problems: single-factor; user ID not traceable to anything, e.g., an official HR record or a PIV card Authorized by the law (e.g., 1998 Digital Signature and Electronic Authentication Law (SEAL), 1999 Uniform Electronic Transactions Act (UETA), 2003 GPEA, etc.) Loose and variable standards make electronic signatures increasingly easy to forge or spoof Generally requires compensating controls and out-of-band identity validation (e.g., wet-ink signature on a timesheet) 14

11 What is a Digital Signature? Digital Signature : A sub-category of electronic signatures; includes a cryptographic assurance of the originator s (authors) identity, and an integrity check on the text received Uses PKI for cryptographic assurance Extremely difficult to forge Example: A travel tracking system with a user ID/password access makes the manager digitally sign using her LincPass card when approving travel for her staff. Solves security (repudiation) problems: two-factor authentication; user ID traceable (via PKI infrastructure) to a known and verified identity in HSPD-12 system; content no modified 15

12 Assurance Levels, eauthentication, and USDA LincPass Identity Assurance Levels (as defined by NIST ): how sure you are of the identity of an individual, and that the person with whom you are interacting is that individual digital signatures not related USDA eauthentication: a software solution for authentication (is the user known?) and authorization (is the user allowed access) digital signatures not related, and eauth provides no support for them LincPass (PIV card): a hardware token solution that enables authentication (is the user known), and has an electronic certificate on the card s chip that can pass along a digital representation of that identity the tool that allows a user with an application (e.g., Outlook, Acrobat) to create digitally signed files 16

13 PKI and Digital Signature Public Key Infrastructure (PKI): the mechanism for digital signature verification 3 When Beth opens the document, she sees that the document is digitally signed, and Word shows the certificate is trusted (specifically, Word checks the validity of the signature by checking the GSA MSO Certificate Revocation List [CRL], then does a hash comparison of the document) Root CA Beth GSA MSO s Certificate Authority (Root CA) issues 1 Digital Signature certificate on LincPass card to Alice (identify verified during LincPass enrollment step) Alice Two-factor authentication based on something Alice has (her LincPass) and something she knows (her PIN). 2 Alice digitally signs a Word document using her LincPass card (specifically, her digital signature PKI certificate s private key), then sends the document to Beth. The digital signature indicates the document is unchanged since Alice sent it (any change to the file destroys the digital signature, therefore, it is non-repudiable) 17

14 More Information For more information on USDA s projects that leverage the LincPass, contact: Owen Unangst, Director USDA Innovations and Operational Architecture Owen.Unangst@ftc.usda.gov 18

Interagency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008

Interagency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008 Interagency Advisory Board HSPD-12 Insights: Past, Present and Future Carol Bales Office of Management and Budget December 2, 2008 Importance of Identity, Credential and Access Management within the Federal

More information

Electronic Signature Policy

Electronic Signature Policy Electronic Signature Policy Definitions The following terms are used in this policy. Term Definition Electronic Signature An electronic signature is a paperless method used to authorize or approve documents

More information

Strategies for the Implementation of PIV I Secure Identity Credentials

Strategies for the Implementation of PIV I Secure Identity Credentials Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual

More information

Cryptologic and Cyber Systems Division

Cryptologic and Cyber Systems Division Cryptologic and Cyber Systems Division OVERALL BRIEFING IS Someone Scraped My Identity! Is There a Doctrine in the House? AF Identity, Credential, and Access Management (ICAM) August 2018 Mr. Richard Moon,

More information

Helping Meet the OMB Directive

Helping Meet the OMB Directive Helping Meet the OMB 11-11 Directive March 2017 Implementing federated identity management OMB Memo 11-11 Meeting FICAM Objectives Figure 1: ICAM Conceptual Diagram FICAM Targets Figure 11: Federal Enterprise

More information

DATA SHEET. ez/piv CARD KEY FEATURES:

DATA SHEET. ez/piv CARD KEY FEATURES: Personal Identity Verification (PIV) Card ez/piv Card satisfies FIPS 201, HSPD-12. It allows your users to authenticate to z/os Security Server through the use of a government PIV or CAC Card. KEY FEATURES:

More information

PKI and FICAM Overview and Outlook

PKI and FICAM Overview and Outlook PKI and FICAM Overview and Outlook Stepping Stones 2001 FPKIPA Established Federal Bridge CA established 2003 E-Authentication Program Established M-04-04 E-Authentication Guidance for Federal Agencies

More information

Development Authority of the North Country Governance Policies

Development Authority of the North Country Governance Policies Development Authority of the North Country Governance Policies Subject: Electronic Signature Policy Adopted: March 28, 2018 (Annual Meeting) Resolution: 2018-03-35 Table of Contents SECTION 1.0 INTRODUCTION...

More information

Single Secure Credential to Access Facilities and IT Resources

Single Secure Credential to Access Facilities and IT Resources Single Secure Credential to Access Facilities and IT Resources HID PIV Solutions Securing access to premises, applications and networks Organizational Challenges Organizations that want to secure access

More information

Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013

Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013 Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013 1. Opening Remarks 2. Discussion on Revisions Contained in Draft SP 800-63-2 (Bill Burr, NIST) 3. The Objectives and Status of Modern

More information

Implementing Electronic Signature Solutions 11/10/2015

Implementing Electronic Signature Solutions 11/10/2015 Implementing Electronic Signature Solutions 11/10/2015 Agenda Methodology, Framework & Approach: High-Level Overarching Parameters Regarding Electronic Service Delivery Business Analysis & Risk Assessment

More information

IMPLEMENTING AN HSPD-12 SOLUTION

IMPLEMENTING AN HSPD-12 SOLUTION IMPLEMENTING AN HSPD-12 SOLUTION PAVING THE PATH TO SUCCESS Prepared by: Nabil Ghadiali 11417 Sunset Hills Road, Suite 228 Reston, VA 20190 Tel: (703)-437-9451 Fax: (703)-437-9452 http://www.electrosoft-inc.com

More information

Secure Government Computing Initiatives & SecureZIP

Secure Government Computing Initiatives & SecureZIP Secure Government Computing Initiatives & SecureZIP T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents Introduction FIPS 140 and SecureZIP Ensuring Software is FIPS 140 Compliant FIPS

More information

Maria Hishikawa MSIX Technical Lead Sarah Storms MSIX Contractor Security

Maria Hishikawa MSIX Technical Lead Sarah Storms MSIX Contractor Security Migrant Student Information Exchange (MSIX) Security, Privacy and Account Management Webinar Deloitte Consulting LLP. February 22, 2018 Maria Hishikawa MSIX Technical Lead Sarah Storms MSIX Contractor

More information

Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA

Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA LANL s Multi-Factor Authentication (MFA) Initiatives NLIT Summit 2018 Glen Lee Network and Infrastructure Engineering

More information

Leveraging HSPD-12 to Meet E-authentication E

Leveraging HSPD-12 to Meet E-authentication E Leveraging HSPD-12 to Meet E-authentication E Policy and an update on PIV Interoperability for Non-Federal Issuers December 2, 2008 Chris Louden IAB 1 Leveraging HSPD-12 to Meet E-Authentication E Policy

More information

PKI is Alive and Well: The Symantec Managed PKI Service

PKI is Alive and Well: The Symantec Managed PKI Service PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions

More information

The Benefits of EPCS Beyond Compliance August 15, 2016

The Benefits of EPCS Beyond Compliance August 15, 2016 The Trusted Source for Secure Identity Solutions The Benefits of EPCS Beyond Compliance August 15, 2016 Presenters Sheila Loy Director Healthcare Solutions HID Global Joe Summanen Technical Architect Nemours

More information

Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop

Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop PACS Integration into the Identity Infrastructure Salvatore D Agostino CEO, IDmachines LLC 8 th Annual

More information

FiXs - Federated and Secure Identity Management in Operation

FiXs - Federated and Secure Identity Management in Operation FiXs - Federated and Secure Identity Management in Operation Implementing federated identity management and assurance in operational scenarios The Federation for Identity and Cross-Credentialing Systems

More information

Digital signatures: How it s done in PDF

Digital signatures: How it s done in PDF Digital signatures: How it s done in PDF Agenda Why do we need digital signatures? Basic concepts applied to PDF Digital signatures and document workflow Long term validation Why do we need digital signatures?

More information

existing customer base (commercial and guidance and directives and all Federal regulations as federal)

existing customer base (commercial and guidance and directives and all Federal regulations as federal) ATTACHMENT 7 BSS RISK MANAGEMENT FRAMEWORK PLAN [L.30.2.7, M.2.2.(7), G.5.6; F.2.1(41) THROUGH (76)] A7.1 BSS SECURITY REQUIREMENTS Our Business Support Systems (BSS) Risk MetTel ensures the security of

More information

Sparta Systems TrackWise Digital Solution

Sparta Systems TrackWise Digital Solution Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities

More information

ENTRUST DATACARD DERIVED PIV CREDENTIAL SOLUTION

ENTRUST DATACARD DERIVED PIV CREDENTIAL SOLUTION ENTRUST DATACARD DERIVED PIV CREDENTIAL SOLUTION A Guide to Meet NIST SP 800-157 Requirements +1-888-690-2424 entrust.com Table of contents The Need for Mobile Credentials Page 3 Entrust Datacard: The

More information

Top Reasons To Audit An IAM Program. Bryan Cook Focal Point Data Risk

Top Reasons To Audit An IAM Program. Bryan Cook Focal Point Data Risk Top Reasons To Audit An IAM Program Bryan Cook Focal Point Data Risk Focal Point Data Risk A New Type of Risk Management Firm THE FACTS Born from the merger of three leading security & risk management

More information

Interagency Advisory Board Meeting Agenda, March 5, 2009

Interagency Advisory Board Meeting Agenda, March 5, 2009 Interagency Advisory Board Meeting Agenda, 1. Opening Remarks (Tim Baldridge, NASA) 2. Federal Identity, Credential, and Access Management (ICAM) The Future of the Government s IDM Strategy (Judy Spencer,

More information

Adobe Sign and 21 CFR Part 11

Adobe Sign and 21 CFR Part 11 Adobe Sign and 21 CFR Part 11 Today, organizations of all sizes are transforming manual paper-based processes into end-to-end digital experiences speeding signature processes by 500% with legal, trusted

More information

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman Public Key Infrastructure PKI National Digital Certification Center Information Technology Authority Sultanate of Oman Agenda Objectives PKI Features etrust Components Government eservices Oman National

More information

State of Colorado Cyber Security Policies

State of Colorado Cyber Security Policies TITLE: State of Colorado Cyber Security Policies Access Control Policy Overview This policy document is part of the State of Colorado Cyber Security Policies, created to support the State of Colorado Chief

More information

Massachusetts Health Data Consortium CAQH CORE - NEHEN - VeriSign/Symantec Pilot. September 2010

Massachusetts Health Data Consortium CAQH CORE - NEHEN - VeriSign/Symantec Pilot. September 2010 Massachusetts Health Data Consortium CAQH CORE - NEHEN - VeriSign/Symantec Pilot September 2010 Agenda CAQH status CORE UPD Pilot overview Q&A 2 HR 3590 Patient Protection and Affordable Care Act: Section

More information

Identity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition

Identity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition Identity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition Sept. 8, 2008 Liberty Alliance 1 Welcome! Introduction of speakers Introduction of attendees Your organization

More information

Introduction to AWS GoldBase

Introduction to AWS GoldBase Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document

More information

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical

More information

Interagency Advisory Board Meeting Agenda, February 2, 2009

Interagency Advisory Board Meeting Agenda, February 2, 2009 Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,

More information

Interagency Advisory Board Meeting Agenda, August 25, 2009

Interagency Advisory Board Meeting Agenda, August 25, 2009 Interagency Advisory Board Meeting Agenda, August 25, 2009 1. Opening Remarks 2. Policy, process, regulations, technology, and infrastructure to employ HSPD-12 in USDA (Owen Unangst, USDA) 3. Policy and

More information

Interagency Advisory Board Meeting Agenda, February 2, 2009

Interagency Advisory Board Meeting Agenda, February 2, 2009 Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,

More information

Introduction of the Identity Assurance Framework. Defining the framework and its goals

Introduction of the Identity Assurance Framework. Defining the framework and its goals Introduction of the Identity Assurance Framework Defining the framework and its goals 1 IAEG Charter Formed in August of 07 to develop a global standard framework and necessary support programs for validating

More information

Secure Lightweight Activation and Lifecycle Management

Secure Lightweight Activation and Lifecycle Management Secure Lightweight Activation and Lifecycle Management Nick Stoner Senior Program Manager 05/07/2009 Agenda Problem Statement Secure Lightweight Activation and Lifecycle Management Conceptual Solution

More information

Who s Protecting Your Keys? August 2018

Who s Protecting Your Keys? August 2018 Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and

More information

Policy Document. PomSec-AllSitesBinder\Policy Docs, CompanyWide\Policy

Policy Document. PomSec-AllSitesBinder\Policy Docs, CompanyWide\Policy Policy Title: Binder Association: Author: Review Date: Pomeroy Security Principles PomSec-AllSitesBinder\Policy Docs, CompanyWide\Policy Joseph Shreve September of each year or as required Purpose:...

More information

ENTERPRISE ARCHITECTURE

ENTERPRISE ARCHITECTURE ENTERPRISE ARCHITECTURE Executive Summary With more than $1 billion in information technology investments annually, the Commonwealth of Pennsylvania has evolved into the equivalent of a Fortune 20 organization,

More information

Interagency Advisory Board Meeting Agenda, December 7, 2009

Interagency Advisory Board Meeting Agenda, December 7, 2009 Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Signature Repository A Signature Repository provides a group of signatures for use by network security tools such

More information

CNATRAINST A N6 3 Mar 16. Subj: CNATRA ELECTRONIC MAIL DIGITAL SIGNATURE AND ENCRYPTION POLICY

CNATRAINST A N6 3 Mar 16. Subj: CNATRA ELECTRONIC MAIL DIGITAL SIGNATURE AND ENCRYPTION POLICY DEPARTMENT OF THE NAVY CHIEF OF NAVAL AIR TRAINING 250 LEXINGTON BLVD SUITE 102 CORPUS CHRISTI TX 78419-5041 CNATRAINST 5230.7A N6 CNATRA INSTRUCTION 5230.7A Subj: CNATRA ELECTRONIC MAIL DIGITAL SIGNATURE

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess

More information

The Device Has Left the Building

The Device Has Left the Building The Device Has Left the Building Mobile Security Made Easy With Managed PKI Christian Brindley Principal Systems Engineer, Symantec Identity and Information Protection Agenda 1 2 3 Mobile Trends and Use

More information

Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance

Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance November 10, 2009 Powered by the Federal Chief Information Officers Council and the Federal Enterprise Architecture

More information

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Enhancing the Cybersecurity of Federal Information and Assets through CSIP TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3

More information

Interagency Advisory Board Meeting Agenda, April 27, 2011

Interagency Advisory Board Meeting Agenda, April 27, 2011 Interagency Advisory Board Meeting Agenda, April 27, 2011 1. Open Remarks (Mr. Tim Baldridge, IAB Chair) 2. FICAM Plan for FIPS 201-2 (Tim Baldridge, IAB Chair and Deb Gallagher, GSA) 3. NSTIC Cross-Sector

More information

Virtual Machine Encryption Security & Compliance in the Cloud

Virtual Machine Encryption Security & Compliance in the Cloud Virtual Machine Encryption Security & Compliance in the Cloud Pius Graf Director Sales Switzerland 27.September 2017 Agenda Control Your Data In The Cloud Overview Virtual Machine Encryption Architecture

More information

Interagency Advisory Board Meeting Agenda, July 28, 2010

Interagency Advisory Board Meeting Agenda, July 28, 2010 Interagency Advisory Board Meeting Agenda, July 28, 2010 1. Opening Remarks 2 Research Collaboration in the Cloud: How NCI and Research Partners Are Improving Business Processes using Digital Identities

More information

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Smart Cards and Authentication Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Payment Landscape Contactless payment technology being deployed Speeds

More information

FIPS and NIST Special Publications Update. Smart Card Alliance Webinar November 6, 2013

FIPS and NIST Special Publications Update. Smart Card Alliance Webinar November 6, 2013 FIPS 201-2 and NIST Special Publications Update Smart Card Alliance Webinar November 6, 2013 Today s Webinar Topics & Speakers Introductions: Randy Vanderhoof, Executive Director, Smart Card Alliance FIPS

More information

U.S. E-Authentication Interoperability Lab Engineer

U.S. E-Authentication Interoperability Lab Engineer Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI

More information

Sparta Systems TrackWise Solution

Sparta Systems TrackWise Solution Systems Solution 21 CFR Part 11 and Annex 11 Assessment October 2017 Systems Solution Introduction The purpose of this document is to outline the roles and responsibilities for compliance with the FDA

More information

POSITION DESCRIPTION

POSITION DESCRIPTION POSITION DESCRIPTION Engagement Manager Unit/Branch, Directorate: Location: Outreach & Engagement, Information Assurance and Cyber Security Directorate Auckland Salary range: H $77,711 - $116,567 Purpose

More information

Interagency Advisory Board Meeting Agenda, February 2, 2009

Interagency Advisory Board Meeting Agenda, February 2, 2009 Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,

More information

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control

More information

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused

More information

What It Takes to be a CISO in 2017

What It Takes to be a CISO in 2017 What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge

More information

FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance

FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance A Smart Card Alliance Identity Council and Physical

More information

UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES

UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES ACCESS MANAGEMENT Policy UT Health San Antonio shall adopt access management processes to ensure that access to Information Resources is restricted to authorized users with minimal access rights necessary

More information

Office of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC)

Office of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC) Office of Transportation Vetting and Credentialing Transportation Worker Identification Credential (TWIC) Program Briefing for the American Association of Port Authorities Chicago, IL 27 April 2005 TWIC

More information

Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS)

Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS) Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS) This document (IMPS) facilitates an organization to provide relevant information to describe how it fulfils the normative

More information

NIC Portal eauthentication System Integration: A Transition Guide for NIC Portal Users

NIC Portal eauthentication System Integration: A Transition Guide for NIC Portal Users NIC Portal eauthentication System Integration: A Transition Guide for NIC Portal Users Background The National Information Center Application Portal (NIC Portal) is integrating with the USDA eauthentication

More information

PKI-An Operational Perspective. NANOG 38 ARIN XVIII October 10, 2006

PKI-An Operational Perspective. NANOG 38 ARIN XVIII October 10, 2006 PKI-An Operational Perspective NANOG 38 ARIN XVIII October 10, 2006 Briefing Contents PKI Usage Benefits Constituency Acceptance Specific Discussion of Requirements Certificate Policy Certificate Policy

More information

Executive Order 13556

Executive Order 13556 Briefing Outline Executive Order 13556 CUI Registry 32 CFR, Part 2002 Understanding the CUI Program Phased Implementation Approach to Contractor Environment 2 Executive Order 13556 Established CUI Program

More information

Streamlined FISMA Compliance For Hosted Information Systems

Streamlined FISMA Compliance For Hosted Information Systems Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and

More information

No More Excuses: Feds Need to Lead with Strong Authentication!

No More Excuses: Feds Need to Lead with Strong Authentication! No More Excuses: Feds Need to Lead with Strong Authentication! Dr. Sarbari Gupta sarbari@electrosoft-inc.com Annual NCAC Conference on Cybersecurity March 16, 2016 Electrosoft Services, Inc. 1893 Metro

More information

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013 MAESON MAHERRY 3 Factor Authentication and what it means to business. Date: 21/10/2013 Concept of identity Access Control User Self-Service Identity and Access Management Authoritive Identity Source User

More information

An Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication

An Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication An Overview of Draft SP 800-157 Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov

More information

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

Sectigo Security Solution

Sectigo  Security Solution Sectigo Email Security Solution 2018 Sectigo. All rights reserved. Email hacking is a commonly used malicious tactic in our increasingly connected world. Business email compromise (BEC), or email account

More information

Nomination for NASCIO 2012 Recognition Awards. State of Hawaii. Office of Information Management and Technology

Nomination for NASCIO 2012 Recognition Awards. State of Hawaii. Office of Information Management and Technology Nomination for NASCIO 2012 Recognition Awards State of Hawaii Office of Information Management and Technology 1. COVER TITLE: 4G LTE First Responders Pilot CATEGORY: Information Communication Technology

More information

Yubico with Centrify for Mac - Deployment Guide

Yubico with Centrify for Mac - Deployment Guide CENTRIFY DEPLOYMENT GUIDE Yubico with Centrify for Mac - Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component

More information

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains

More information

GLOBAL PKI TRENDS STUDY

GLOBAL PKI TRENDS STUDY 2018 GLOBAL PKI TRENDS STUDY Sponsored by Thales esecurity Independently conducted by Ponemon Institute LLC SEPTEMBER 2018 EXECUTIVE SUMMARY #2018GlobalPKI Mi Ponemon Institute is pleased to present the

More information

Education Network Security

Education Network Security Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or

More information

Healthcare Security Success Story

Healthcare Security Success Story Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Healthcare Security Success Story

More information

IT Consulting and Implementation Services

IT Consulting and Implementation Services PORTFOLIO OVERVIEW IT Consulting and Implementation Services Helping IT Transform the Way Business Innovates and Operates 1 2 PORTFOLIO OVERVIEW IT Consulting and Implementation Services IT is moving from

More information

Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011

Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011 Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. FIPS 201-2 Update and Panel Discussion with NIST Experts in Q&A Session (Bill MacGregor

More information

Making the Case for Digital Signatures

Making the Case for Digital Signatures Making the Case for Digital Signatures Save time, money & resources by replacing physical signatures [Partner logo] STAY ENGAGED Type your questions and comments. We ll answer them all at the end of the

More information

MNsure Privacy Program Strategic Plan FY

MNsure Privacy Program Strategic Plan FY MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term

More information

NYDFS Cybersecurity Regulations

NYDFS Cybersecurity Regulations SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy

More information

E-CONSTRUCTION AN UPDATE ON STATE CONSTRUCTION OFFICE E-CONSTRUCTION SYSTEMS

E-CONSTRUCTION AN UPDATE ON STATE CONSTRUCTION OFFICE E-CONSTRUCTION SYSTEMS E-CONSTRUCTION AN UPDATE ON STATE CONSTRUCTION OFFICE E-CONSTRUCTION SYSTEMS E-CONSTRUCTION e-construction: the creation, review, approval, distribution, and storage of highway construction documents in

More information

HIPAA Compliance Checklist

HIPAA Compliance Checklist HIPAA Compliance Checklist Hospitals, clinics, and any other health care providers that manage private health information today must adhere to strict policies for ensuring that data is secure at all times.

More information

CERTIFICATE POLICY CIGNA PKI Certificates

CERTIFICATE POLICY CIGNA PKI Certificates CERTIFICATE POLICY CIGNA PKI Certificates Version: 1.1 Effective Date: August 7, 2001 a Copyright 2001 CIGNA 1. Introduction...3 1.1 Important Note for Relying Parties... 3 1.2 Policy Identification...

More information

Security Survey Executive Summary October 2008

Security Survey Executive Summary October 2008 A government technology Executive Survey Summary: HP Security Survey Executive Summary October 2008 Produced by: In Partnership With: Introduction Information is paramount to the survival of government

More information

Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012

Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012 Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Revision of the Digital Signature Standard (Tim Polk, NIST) 3. Update on Content

More information

IT-CNP, Inc. Capability Statement

IT-CNP, Inc. Capability Statement Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government

More information

NFC Identity and Access Control

NFC Identity and Access Control NFC Identity and Access Control Peter Cattaneo Vice President, Business Development Agenda Basics NFC User Interactions Architecture (F)ICAM Physical Access Logical Access Future Evolution 2 NFC Identity

More information

FedRAMP Digital Identity Requirements. Version 1.0

FedRAMP Digital Identity Requirements. Version 1.0 FedRAMP Digital Identity Requirements Version 1.0 January 31, 2018 DOCUMENT REVISION HISTORY DATE VERSION PAGE(S) DESCRIPTION AUTHOR 1/31/2018 1.0 All Initial document FedRAMP PMO i ABOUT THIS DOCUMENT

More information

CERN Certification Authority

CERN Certification Authority CERN Certification Authority Emmanuel Ormancey (IT/IS) What are Certificates? What are Certificates? Digital certificates are electronic credentials that are used to certify the identities of individuals,

More information

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf

More information

The SafeNet Security System Version 3 Overview

The SafeNet Security System Version 3 Overview The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products

More information

The NIST Cybersecurity Framework

The NIST Cybersecurity Framework The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce

More information

Cloud Customer Architecture for Securing Workloads on Cloud Services

Cloud Customer Architecture for Securing Workloads on Cloud Services Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,

More information

SECURITY & PRIVACY DOCUMENTATION

SECURITY & PRIVACY DOCUMENTATION Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive

More information

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below

More information

Solutions Technology, Inc. (STI) Corporate Capability Brief

Solutions Technology, Inc. (STI) Corporate Capability Brief Solutions Technology, Inc. (STI) Corporate Capability Brief STI CORPORATE OVERVIEW Located in the metropolitan area of Washington, District of Columbia (D.C.), Solutions Technology Inc. (STI), women owned

More information