Interagency Advisory Board (IAB) Meeting. August 09, 2005
1 Interagency Advisory Board (IAB) Meeting August 09, 2005
2 Agenda
- National Institute of Standards and Technology (NIST) Discussion on Reference Implementation and Conformance Testing
- IAB Working Group Updates
- Training Partnership Discussion
- Common Handheld Requirements Status
- National Aeronautics and Space Administration (NASA) Status Update
- How to Check Authenticity of Personal Identity Verification (PIV)
- Other IAB Initiatives
- Credential Card Migration Strategy
3 NIST Discussion on Reference Implementation and Conformance Testing
4 SP Reference Implementation Jim Dray IAB Meeting August 2005
5 Components
- SP800-73/Part 3 PIV card simulator
  o Written in C++ for wintel platforms
  o Runs TLP224 protocol on a local port
  o Native code simulation of a PIV card
  o Can load JavaCard(tm) applets via Sun's kit
- PIV middleware
  o Implements the Part 3 client API
6 Purpose
- Provides a worked example for developers
- NOT a deployable commercial product
- No code that can be loaded onto a real card
  o JavaCard loader would allow this but NIST is not providing reference JavaCard applets
  o PIV functionality expressed in C++/Windows
- Supports conformance test development
7 Conformance
- It is not possible to conform to the reference implementation
- The reference implementation provides an example that conforms to the PIV specs
- Conformance testing proves that an implementation conforms to specifications
- Reference implementations are developed for clarity, not performance
8 Availability
- Publicly available at
- Will be updated on an as-needed basis
  o New versions will be posted along with change notices
  o Old versions will be archived, available on request
- Basis for a possible PIV software toolkit
9 PIV Middleware and PIV Card Application Conformance Testing Toolkit Ramaswamy Chandramouli (Mouli) IAB Meeting August 2005
10 [Figure: PIV middleware architecture. Labels: Agency A / Agency B / Agency C Application; CSP/Bio API / etc.; PIV Middleware; PIV Client Application Programming Interface; PIV Card Command Interface; Host PC; Card Reader Driver; Smart Card Reader; PIV Card; PIV Card Application; PIV Data Model]
11 Scope Tests & Specs
- Test Suite has two Broad Categories of Tests
  o PIV Middleware (End-Point) Tests
  o PIV Card Application (End-Point) Tests
- SP Specifications Covered
  o End-Point Client API: Chapter 6 of SP
  o End-Point PIV Card Application Card Command Interface: Chapter 7 of SP
  o PIV Data Objects & Representations (Chapter 4 & 5 of SP )
  o PIV Authentication Use Cases (C.1.2 and C.1.4 of Appendix C of SP )
12 PIV Middleware Tests Configuration
- The Test Toolkit
- The vendor-provided PIV middleware which is the subject of this test
- The contact and contactless smart card readers or a dual interface reader
- A dual interface FIPS 201-compliant test PIV card or a PIV card emulator
13 PIV Middleware Tests Summary
- Tests all the 9 Functions in PIV Client API (Chapter 6 of SP )
- Tested for Response to all Valid and Error Return Codes
14 PIV Card Application Tests Configuration
- The test toolkit
- Contact and contactless smart card readers or a dual interface reader
- A PIN input device
- A biometric fingerprint reader
- A PIV card that supports contact and contactless interfaces, which is the subject of this test
15 PIV Card Application Tests: Card Command Interface Tests
- Tests all 8 commands in card command interface (Chapter 7 of SP )
  o Card interface type (contact vs. contactless)
  o Precondition for use (PIN verified, Currently Selected Application value)
  o Expected Response status codes
  o Right Content and Encoding for returned data
  o Appropriate State Variables set in the card
16 PIV Card Application Tests: Data Objects Representation & Authentication Use Cases Tests
- Tests all 6 Mandatory data objects and any of the 5 Optional data objects that are published for
  o Correct Tag Codes & Lengths
  o Overall size limits for the buffer
- Authentication Use Case Tests consist of
  o Parsing Data and Checking for values of key fields such as Expiration Date in CHUID, FASC-N etc.
  o Verifying signatures are valid
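An added example (not part of the slides or the NIST toolkit) of the data-object checks listed on slide 16, applied to a CHUID: tag codes and lengths, buffer size, and the Expiration Date field. The tag numbers and field lengths are taken from the SP 800-73 CHUID container definition and should be checked against the revision under test; the size limit, function names and sample buffers are constructed for illustration, and signature verification is left out.

```python
from datetime import date, datetime

# Tag -> (field name, required length in bytes, or None if variable).
# Assumption: values as in the SP 800-73 CHUID container definition.
CHUID_MANDATORY = {
    0x30: ("FASC-N", 25),
    0x34: ("GUID", 16),
    0x35: ("Expiration Date", 8),  # ASCII YYYYMMDD
    0x3E: ("Issuer Asymmetric Signature", None),
    0xFE: ("Error Detection Code", 0),
}
MAX_CHUID_BYTES = 4096  # placeholder limit; use the value from the spec under test


class TLVError(ValueError):
    """Raised when the buffer is not well-formed TLV."""


def read_length(buf, pos):
    """Decode a BER length (short form, or 0x81/0x82 long form)."""
    if pos >= len(buf):
        raise TLVError("truncated before length byte")
    first = buf[pos]
    pos += 1
    if first < 0x80:
        return first, pos
    n = first & 0x7F
    if n not in (1, 2) or pos + n > len(buf):
        raise TLVError("bad long-form length at offset %d" % (pos - 1))
    return int.from_bytes(buf[pos:pos + n], "big"), pos + n


def parse_tlv(buf):
    """Split a buffer of single-byte-tag TLVs into (tag, value) pairs."""
    items, pos = [], 0
    while pos < len(buf):
        tag = buf[pos]
        length, pos = read_length(buf, pos + 1)
        if pos + length > len(buf):
            raise TLVError("value of tag 0x%02X runs past end of buffer" % tag)
        items.append((tag, buf[pos:pos + length]))
        pos += length
    return items


def check_chuid(buf, today, max_bytes=MAX_CHUID_BYTES):
    """Return a list of conformance findings; an empty list means all checks passed."""
    findings = []
    if len(buf) > max_bytes:
        findings.append("buffer is %d bytes, limit is %d" % (len(buf), max_bytes))
    try:
        items = parse_tlv(buf)
    except TLVError as exc:
        return findings + ["malformed TLV: %s" % exc]
    seen = {}
    for tag, value in items:
        if tag in seen:
            findings.append("duplicate tag 0x%02X" % tag)
        seen[tag] = value
        name, want = CHUID_MANDATORY.get(tag, (None, None))
        if want is not None and len(value) != want:
            findings.append("%s (tag 0x%02X): length %d, expected %d"
                            % (name, tag, len(value), want))
    for tag, (name, _) in CHUID_MANDATORY.items():
        if tag not in seen:
            findings.append("missing mandatory %s (tag 0x%02X)" % (name, tag))
    exp = seen.get(0x35)
    if exp is not None and len(exp) == 8:
        try:
            if not exp.isdigit():
                raise ValueError("non-digit characters")
            expires = datetime.strptime(exp.decode("ascii"), "%Y%m%d").date()
            if expires < today:
                findings.append("Expiration Date %s is before %s: card expired"
                                % (expires, today))
        except ValueError:
            findings.append("Expiration Date is not a valid YYYYMMDD date")
    return findings


def encode_tlv(tag, value):
    """Build one TLV element (helper for the constructed samples below)."""
    n = len(value)
    if n < 0x80:
        head = bytes([tag, n])
    elif n < 0x100:
        head = bytes([tag, 0x81, n])
    else:
        head = bytes([tag, 0x82]) + n.to_bytes(2, "big")
    return head + value


def sample_chuid(expiry=b"20101027", fascn_len=25, with_guid=True):
    """Constructed sample: zero-filled fields, not data from a real card."""
    parts = [encode_tlv(0x30, bytes(fascn_len))]
    if with_guid:
        parts.append(encode_tlv(0x34, bytes(16)))
    parts += [encode_tlv(0x35, expiry), encode_tlv(0x3E, bytes(300)),
              encode_tlv(0xFE, b"")]
    return b"".join(parts)


if __name__ == "__main__":
    meeting_day = date(2005, 8, 9)
    for label, buf in [("good", sample_chuid()),
                       ("expired", sample_chuid(expiry=b"20040101")),
                       ("bad fields", sample_chuid(fascn_len=24, with_guid=False)),
                       ("truncated", sample_chuid()[:-5])]:
        print(label, check_chuid(buf, meeting_day))
```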
17 Toolkit Features Summary
- The toolkit has a Graphical User Interface
- Provides a configuration file to enter valid parameter values for validation of data returned in responses to function calls
- Each of the two broad categories of tests (PIV Middleware Tests and PIV Card Application Tests) can be loaded separately
18 IAB Working Group Updates
19 Foreign National Working Group
- Initial meeting held on Thursday, July 14th
- Included representatives from:
  o Department of State
  o Department of Energy
  o Department of Commerce
  o Department of Interior
  o Department of Defense
- Shared information on current processes for vetting foreign nationals within respective organizations
- Discussed potential challenges accommodating Personal Identity Verification (PIV)
- Shared compiled list of challenges with Office of Management and Budget (OMB) policy working group
20 Aggregate Buy Working Group
- Initial meeting held on Monday, July 25th
- Outlined lessons learned from the DoD to help other agencies avoid known pitfalls within the issuance process
- Reviewed initial draft specifications for contact and contactless technologies as they pertain to mandatory and optional contract line item numbers (CLIN)
- Aggregate buy will provide for:
  o Cards
  o Printers
  o Printing consumables
  o Smart card middleware
  o Contact and contactless readers
21 Physical Access and Integration Working Group
- The PAIWG is updating the Physical Access Control System (PACS) 2.2 guidance to conform with FIPS 201 and SP
- Tiger Team created a gap analysis that outlines the discrepancies between the documents
22 Training Partnership Discussion
23 HSPD-12 TRAINING MODULES UPDATE
24 Introduction
- Developing a series of web-based training modules and assessment tools to assist management, administrators and users in complying with FIPS 201
- The series will assist in the consistent implementation of FIPS 201 across the Federal Government
25 Background Training will be focused on: increasing awareness, ensuring compliance, promoting the utility and benefits, and clarifying misunderstandings relating to HSPD-12 implementation. The depth of the training content will vary from high-level overviews to details concerning roles and responsibilities; including certifications, where necessary.
26 Timelines and Modules
- Delivery on 10/03/2005 includes:
  o Module 1: PIV Roles and Responsibilities
- Delivery on 12/31/2005 includes:
  o Module 2: PIV Overview
  o Module 3: Privacy Awareness
  o Module 4: Administrator
  o Module 5: Appropriate Uses
27 Module 1 10/3/2005
Module 1 includes:
- An overview of the issuance process
- The specific roles and responsibilities associated with PIV-1 compliance
- Certification of employees in the specified roles at the conclusion of the training
28 Modules /31/2005
- Module 2: PIV Overview - overview of HSPD-12 for all government employees, the impact on agencies, and card issuance
- Module 3: Privacy Awareness - explains the uses of personal identity information collected and will dispel concerns about misuse of personal data within the system
29 Modules 2-5, 2 cont.
- Module 4: Administrator - provides a basic overview of the technologies and approaches (i.e. Smartcards, Biometrics, Card Management)
- Module 5: Appropriate Uses - discusses how the PIV card can be used for building access (physical) and logical access (i.e. to Federally controlled information systems)
30 Common Handheld Requirements Status
31 DMDC: Information and Technology for Better Decision Making. Joint Program Handheld/Mobile Device Status for Government Smart Card Interagency Advisory Board. Presented by Mike Butler, Director, Smart Card Programs and Operations, Defense Manpower Data Center. August 2005
32 Plan of Action Gather Requirements from User Community Consider DBIDS Lessons Learned Contract for Handheld Expertise Support Finalize Consolidated Requirements Market Survey of Products Capable of Customization and Modularity * Industry Capabilities Briefings * Statement of Work (SOW) for Development * Request for Proposal (RFP) for Development of Custom and Modular Handheld/Mobile Device(s) * Only if COTS does not exist to meet our needs.
33 Handheld/Mobile Device Market Place
34 Questions? Mike Butler (703)
35 National Aeronautics and Space Administration (NASA) Status Update
36 Common Badging and Access Control System (CBACS) People, Technology, & Information Working Together For NASA Marshall Space Flight Center August, Government Smart Card Inter-Agency Advisory Board Explore. Discover. Understand. GSC-IAB 8/10/2005 IS05: Tim Baldridge Page 36
37 CBACS Initial Scope: Smart Cards
MISSION (2002/2003): The implementation of a multi-application, multi-technology smart card program with an Agencywide user base
VISION: To issue a common credential token (physical and logical identifier) that is:
- Used by NASA employees, contractors, and other people approved by NASA who require routine access to NASA physical and information resources
- An inter-agency Federal Identity Credential conforming with emerging federal policy and technical interoperability
During Site Surveys, issues were determined on several fronts: diversity of existing PACS, need for common processes, difficulties in logical roll-out, and flexibility/ease of use of system
38 CBACS Project Re-Direction
Goals (2004): Achieve High Business Value Through a Common Badging and Access Control System That Integrates with Smart Cards
- Provide Physical (versus Logical) Deployment of Smart Cards Initially
- Provides a Common Consistent and Reliable Environment Into Which to Release the Smart Card
- Gives Opportunity to Develop Agencywide Consistent Processes, Practices and Policies
- Enables Enterprise Data Capture and Management
- Promotes Data Validation Prior to SC Issuance
- Avoids Further Investment in Current PACS Systems
39 CBACS - Description
An Integrated Services and IT Security Environment That Fulfills NASA and Homeland Security Presidential Directive (HSPD-12) Requirements for:
- NASA Identity Management System (IDMS): Central Authoritative Source for Personnel Identification; Warehouse for Personnel Security Investigation Determinations; Warehouse for Clearance Issuance & Uniform Universal Person Identification Code (UUPIC)
- Enterprise Physical Access Control System (E-PACS): Software for Common Badging Application; Area Access Management; Visitor Management System (Optional); Alarm Monitoring Application; Integrated Digital Video Recording and Archiving System
- Smart Card Physical Access (SC): Hybrid Smart Card Utilized with E-PACS for Physical Access; Provide Logical Access to NASA Computerized Systems During Final Phase of Implementation
- Central Card Management System (CCMS): Contact and Contact-less Smart Card Encoding; Provides Logical Certificates to the Smart Card from the NASA CA; Smart Card Life Cycle Management
40 CBACS - Conceptual Drawing
41 CBACS - System Life Cycle (NIST Phasing Model View)
Phase                        IDMS      E-PACS    Smart Card  CCMS
Initiation                   Complete  Complete  Complete    Complete
Development and Acquisition  Complete  Ongoing   Ongoing     Ongoing
Implementation               Ongoing   Ongoing   Lab         Lab
Operations and Maintenance   None      None      None        None
Disposal                     None      None      None        None
42 CBACS - Planning Approach New Work Planning Documents Compliance Reason for not complying or N/A OMB Circular A-11 Business Plan NIST Special Publication , Risk Management Guide for Information Technology Systems NIST Special Publication , Guide for Developing Security Plans for Information Technology Systems NPR C, Sections 3.2, , and NPD , Emergency Preparedness Programs NPR , Security Procedures and Guidelines NPR Security of Information Technologies NPR , NASA Software Engineering Requirements, and NASA Standard , Software Assurance Standard Complies Complies Complies Will Comply Complies Complies Complies Will Comply Evaluation underway to ensure compliance Evaluation underway to ensure compliance
43 How to Check Authenticity of PIV
44 Other Federal Agency Visitors: Checking the Authenticity of PIV
Challenge: An individual from Housing and Urban Development (HUD) visits a Department of Homeland Security (DHS) facility and presents a HUD PIV. How will the DHS facility know that this PIV is authentic, held by the right person, and still valid?
Requirement: FIPS 201 (section 6.2) requires card issuers to provide the capability for credentials to be authenticated by other Federal Agencies
45 What Is Currently Done Within DoD?
- DoD components utilize the Defense National Visitors System (DNVS)
  o XML
  o Simple Object Access Protocol (SOAP)
  o Java
48 Proposal
Propose establishing a focus group to:
- Scope out the different ways in which credential cross recognition could be accomplished
- Examine and recommend a common approach and process for all Federal Agencies
- Examine and recommend ways to maximize/leverage current investments
49 Current Environment
- Issuing Smart Cards for over 5 Years
- Issued over 8.5 million cards to DOD personnel/contractors (3.2 mil. are active)
- Submitted on June 27, 2005, OMB mandated plan to become PIV compliant (plan approved)
- Deploying a dual-interface card utilizing V2 applets and new PIV applet at issuance or post issuance
- Any new cards introduced must be backward compatible with cards previously fielded
50 Architecture [Figure: card applet architecture. Recoverable labels: Security Domain; Access Control Applet (PIN, Secure Channel, External Authority); Access Controller Applet; Bio Access Controller Applet; Access API; MOC Lib; Access Control; Secure Transport; PIV Applet; PKI Applet; GC Applet; Other Applets; Bio Action Applet; OP Domain API; JavaCard Runtime]
51 Other IAB Initiatives
52 DoD Key Ceremony and System Tour
Who: Government and Primary Contractor Support Personnel ONLY
What: DoD Key Management 101 and System Tour
When: Session 1: Thu, Aug 11th (1-4pm); Session 2: TBD
Where: EDS DMDC Account office (1600 N Beauregard Street, Suite 100, Alexandria, VA 22311)
Why: To assist government personnel in determining individual key management policies and procedures
Please send your RSVP to Winn Whaley at winifrid.whaley.ctr@osd.pentagon.mil by Tuesday, August 9th
53 Located 5 min off of I-395, the DMDCB/EDS office is south of the Pentagon and north of the Springfield Mixing Bowl. Location is NOT metro accessible (15 min+ taxi from Eisenhower stop).
Electronic Data Systems, 1600 North Beauregard Street, Alexandria, VA
Front Desk:
From DC:
1. Take I-395 S to Exit 4 - Seminary Road West (veers to the right). Once on Seminary Road, immediately begin moving towards the left hand lane.
2. At 2nd light turn left onto N Beauregard Street
3. At 2nd light turn right (Clyde's entrance). Sign will read 1600 EDS.
4. Continue straight and at 2nd left, turn left until you see Bldg
Please do not park in the spaces marked "Clyde's" or you may be towed.
54 HSPD-12 Reminders Implementation plans were due to OMB on June, Other dates: August 19, 2005: Public comment on Special Publication (SP) August 27, 2005: Additional programs identified to OMB that must be Personal Identity Verification (PIV) compliant October 27, 2005: PIV I Notional October 27, 2006: PIV II Notional SP Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations Published in July 2005 Establishes the attributes required of organizations in order to reliably perform appropriate identity proofing and issuing of cards Describes methods for determining if a PIV issuer exhibits the required attributes Provides guidance to Federal agencies in establishing or obtaining the services of an issuer whose reliability is accredited
55 IAB Status Report
- IAB status report and dashboard
- Provides a monthly update of IAB:
  o Working group activities
  o Educational opportunities
  o Announcements
  o Upcoming meetings
56 IAB Website
- Initial presence
- Next iteration scheduled for September
57 Credential Card Migration Strategy IAB 9 August 2005
58 Card Migration Strategy
Migration to attain PIV II compliance by 10/06 but start now
[Figure: card migration timeline. Labels: Card purchases starting now; Movement to 10/06; Dual-Interface (DI) 64k Java Card 2.2; Current GSC applets; Printed in accordance with FIPS-201 guidelines; Existing GSC-IS applets; 64K Chip; PIV-II End State; Applet: Available and FIPS certified; New PIV II applet; PIV-II Compliant]
59 Card Migration Strategy
Migration to attain PIV II compliance by 10/06 but start now
- DI cards issued pre 10/06
- Post-Issuance Update: all Pre 2/06 DI Cards
- Issued DI cards will be post managed through a post management portal
- DI Cards come back to portal, load PIV II cert onto PIV II applet (contains CHUID, bio container, cert and security object)
[Figure labels: Existing GSC-IS applets; 64K Chip; New PIV II applet; PIV-II Compliant; Previously Issued Dual Interface Cards: PIV-II Compliant; October 2006]
60 Technical Notes
- PIV-II applet will be loaded alongside the existing GSC applet set
- The PIV-II certificate, CHUID, biometric containers, and security object will be loaded into the new PIV II applet (Note: bio container only populated when SP issued)
- Middleware will be upgraded to support the additional PIV-II applet and data
- Physical Access (PA) systems will be upgraded to support use cases for PA authentication over the contactless interface
- All other data and credentials not mandatory in FIPS-201 and SP will remain in the GSC applet set
61 Conclusions
- This approach allows agencies to start issuing the currently available dual interface smart card platform now
- Enables agencies to upgrade once PIV-II certified products are available
- Disagreement with this approach technically?
More informationNo More Excuses: Feds Need to Lead with Strong Authentication!
No More Excuses: Feds Need to Lead with Strong Authentication! Dr. Sarbari Gupta sarbari@electrosoft-inc.com Annual NCAC Conference on Cybersecurity March 16, 2016 Electrosoft Services, Inc. 1893 Metro
More informationVersion 3.4 December 01,
FIXS OPERATING RULES Version 3.4 December 01, 2015 www.fixs.org Copyright 2015 by the Federation for Identity and Cross-Credentialing Systems, Inc. All Rights Reserved Printed in the United States of America
More informationConsiderations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility
Considerations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility A Smart Card Alliance Physical Access Council White Paper Publication Date: September 2006
More informationOverview of the USGS Plan for Quality Assurance of Digital Aerial Imagery
Overview of the USGS Plan for Quality Assurance of Digital Aerial Imagery Presented to MAPPS Conference March 14, 2006 U.S. Department of the Interior U.S. Geological Survey Outline Introduction Background
More informationTWIC Transportation Worker Identification Credential. Overview
TWIC Transportation Worker Identification Credential Overview TWIC Program Vision Goals Improve the security of identity management by establishing a system-wide common credential, universally acceptable
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop Total Operational Security Roger Roehr Executive Director, Roehr Consulting 8 th Annual Smart Cards
More informationSAC PA Security Frameworks - FISMA and NIST
SAC PA Security Frameworks - FISMA and NIST 800-171 June 23, 2017 SECURITY FRAMEWORKS Chris Seiders, CISSP Scott Weinman, CISSP, CISA Agenda Compliance standards FISMA NIST SP 800-171 Importance of Compliance
More informationTWIC / CAC Wiegand 58 bit format
This document was developed by the Smart Card Alliance Physical Access Council to respond to requests for sample Wiegand message formats that will handle the additional fields of the Federal Agency Smart
More informationUnlocking The CHUID. Practical Considerations and Lessons Learned for PIV Deployments. Eric Hildre 07/18/2006
Unlocking The CHUID Practical Considerations and Lessons Learned for PIV Deployments Eric Hildre 07/18/2006 Purpose Provide practical considerations and lessons learned to the IAB from the Access Card
More informationDATA SHEET. ez/piv CARD KEY FEATURES:
Personal Identity Verification (PIV) Card ez/piv Card satisfies FIPS 201, HSPD-12. It allows your users to authenticate to z/os Security Server through the use of a government PIV or CAC Card. KEY FEATURES:
More informationInteragency Advisory Board Meeting Agenda, Wednesday, April 24, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, April 24, 2013 1. Opening Remarks 2. A Security Industry Association (SIA) Perspective on the Cost and Methods for Migrating PACS Systems to Use PIV
More informationFederated Access. Identity & Privacy Protection
Federated Access Identity & Privacy Protection Presented at: Information Systems Security Association-Northern Virginia (ISSA-NOVA) Chapter Meeting Presented by: Daniel E. Turissini Board Member, Federation
More informationI N F O R M A T I O N S E C U R I T Y
NIST Special Publication 800-73-3 Interfaces for Personal Identity Verification Part 3: End-Point PIV Client Application Programming Interface Ramaswamy Chandramouli David Cooper James F. Dray Hildegard
More informationDepartment of Defense Fiscal Year (FY) 2013 IT President's Budget Request Defense Technical Information Center Overview
Mission Area Department of Defense Business System Breakout Appropriation All Other Resources 19.083 EIEMA 19.083 RDT&E 19.083 FY 2013 ($M) FY 2013 ($M) FY 2013 ($M) FY12 to FY13 Comparision ($M) FY2012
More informationKeith Ward Northrop Grumman IT Smart Card Security Solutions June 04, 2002
Physical and Logical Security Solutions Smart Card Alliance Keith Ward Northrop Grumman IT Smart Card Security Solutions June 04, 2002 1 Outline Homeland Security Mission Spectrum Market Assessment Identification
More informationInteragency Advisory Board Meeting Agenda, December 7, 2009
Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More information(PIV-I) Trusted ID across States, Counties, Cities and Businesses in the US
(PIV-I) Trusted ID across States, Counties, Cities and Businesses in the US Brian A. Kowal, cryptovision cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com
More informationPhysical Access End-to-End Security
Physical Access End-to-End Security Smart Card Alliance Smart Cards in Government-2003 July 16, 2003 Physical Access 3:45 PM Robert Merkert Director, Strategic Accounts All Company and/or product names
More informationPIV Data Model Test Guidelines
This publication is available free of charge from http://csrc.nist.gov/publications/ Draft NIST Special Publication 800-85B-4 PIV Data Model Test Guidelines Ramaswamy Chandramouli Hildegard Ferraiolo Ketan
More informationDoD & FiXs : Identity Superiority
DoD & FiXs : Identity Superiority Implementing common authentication now & into the future. The Federation for Identity and Cross-Credentialing Systems (FiXs) www.fixs.org FiXs - The Federation for Identity
More informationHSPD-12 : The Role of Federal PKI
HSPD-12 : The Role of Federal PKI Judith Spencer Chair, Federal Identity Credentialing Office of Governmentwide Policy General Services Administration judith.spencer@gsa.gov How We Got Here 2005 FIPS-201
More informationUsing the Prototype TWIC for Access A System Integrator Perspective
Using the Prototype TWIC for Access A System Integrator Perspective AAPA Port Security Seminar and Exhibition, Seattle, WA July 19, 2006 Management and Technology Consultants The Challenge How do I manage
More informationSecure Solutions. EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible Cards Accessories
Secure Solutions l l l l BridgePointTM solutions that will take your security system to the next level EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible
More informationDoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics
DoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics IDENTITY Mary Dixon February 12, 2003 1 A Short Review and Update 2 DoD is issuing 4 million smart cards to: Active Duty Military
More informationState of the Industry and Councils Reports. Access Control Council
State of the Industry and Councils Reports Access Control Council Chairman: Lars R. Suneborn, Sr. Manager, Technical Marketing, Government ID, Oberthur Technologies Property of the Smart Card Alliance
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop PACS Integration into the Identity Infrastructure Salvatore D Agostino CEO, IDmachines LLC 8 th Annual
More informationDefense Information System for Security (DISS) Frequently Asked Questions (FAQs)
Defense Manpower Data Center Personnel Security & Assurance Defense Information System for Security (DISS) Frequently Asked Questions (FAQs) Document Version 1.3 28 March 2017 Document History Version
More informationDFARS Safeguarding Covered Defense Information The Interim Rule: Cause for Confusion and Request for Questions
DFARS 252.204.7012 Safeguarding Covered Defense Information The Interim Rule: Cause for Confusion and Request for Questions By Jonathan Hard, CEO And Carol Claflin, Director of Business Development H2L
More informationENTERPRISE ARCHITECTURE
ENTERPRISE ARCHITECTURE Executive Summary With more than $1 billion in information technology investments annually, the Commonwealth of Pennsylvania has evolved into the equivalent of a Fortune 20 organization,
More informationClick to edit Master title style
Federal Risk and Authorization Management Program Presenter Name: Peter Mell, Initial FedRAMP Program Manager FedRAMP Interagency Effort Started: October 2009 Created under the Federal Cloud Initiative
More informationInterfaces for Personal Identity Verification Part 1: PIV Card Application Namespace, Data Model and Representation
Draft NIST Special Publication 800-73-4 Interfaces for Personal Identity Verification Part 1: PIV Card Application Namespace, Data Model and Representation Ramaswamy Chandramouli David Cooper Hildegard
More informationInformation Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV
Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Network Mapping The Network Mapping helps visualize the network and understand relationships and connectivity between
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationAXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure
AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical
More informationSmart Card Alliance Update. Update to the Interagency Advisor Board (IAB) June 27, 2012
Smart Card Alliance Update Update to the Interagency Advisor Board (IAB) June 27, 2012 Industry s Access Control Payments (NEW) Mobile & NFC Identity Industry s Healthcare Transportation Access Control
More informationNISP Update NDIA/AIA John P. Fitzpatrick, Director May 19, 2015
NISP Update NDIA/AIA John P. Fitzpatrick, Director May 19, 2015 Agenda Cybersecurity Information Sharing and the NISP NISP Working Group Update CUI Program Update 2 Executive Order 13691 Promoting Private
More informationpivclass FIPS-201 Reader Operation and Output Selections APPLICATION NOTE , F.0 February Barranca Parkway Irvine, CA 92618
15370 Barranca Parkway Irvine, CA 92618 pivclass FIPS-201 Reader Operation and Output Selections APPLICATION NOTE 6090-905, F.0 February 2014. Contents 1 Overview... 4 2 CHUID Definition... 4 3 FASC-N
More informationThe Leader in Unified Access and Intrusion
Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP 800-116, FIPS 201 and OMB M 11-11 in a High Assurance Trusted FICAM Platform In Partnership with: The Leader
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationBiometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange. LTC Eric Pavlick PM, Biometric Enabling Capabilities
Biometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange LTC Eric Pavlick PM, Biometric Enabling Capabilities 30 JULY 2013 BEC Inc 1 Agenda Program Overview LTC Eric Pavlick, Product
More informationIdentity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition
Identity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition Sept. 8, 2008 Liberty Alliance 1 Welcome! Introduction of speakers Introduction of attendees Your organization
More informationAWARD TOP PERFORMER. Minex III FpVTE PFT II FRVT PRODUCT SHEET. Match on Card. Secure fingerprint verification directly on the card
AWARD Speed Accuracy Interoperability TOP PERFORMER PRODUCT SHEET Minex III FpVTE PFT II FRVT Match on Card Secure fingerprint verification directly on the card WWW.INNOVATRICS.COM MATCH ON CARD Our solution
More informationDoD Internet Protocol Version 6 (IPv6) Contractual Language
DoD Internet Protocol Version 6 (IPv6) Contractual Language 1. Purpose: Contents of this document shall be incorporated in Government Acquisition Programs, Procurements, Services, and Contracts (including
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More informationFISMAand the Risk Management Framework
FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON
More informationThis is to certify that. Chris FitzGerald. has completed the course. Systems Security Engineering _eng 2/10/08
This is to certify that Chris FitzGerald has completed the course Systems Security Engineering - 206760_eng on 2/10/08 Systems Security Engineering About This Course Overview/Description To define the
More information