Office of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC)
|
|
- Malcolm Rogers
- 6 years ago
- Views:
Transcription
1 Office of Transportation Vetting and Credentialing Transportation Worker Identification Credential (TWIC) Program Briefing for the American Association of Port Authorities Chicago, IL 27 April 2005
2 TWIC Program Vision A high-assurance identity credential that is trusted and used across all transportation modes for unescorted physical access to secure areas and logical (cyber) access to systems. Goals Improve security Reduce risk of fraudulent or altered credentials Use biometrics to positively match individual to credential Enhance commerce Reduce need for multiple credentials / vettings Leverage current security investments Protect personal privacy Collect minimum personal data Use a secure system and network 2
3 TWIC Priorities Strong focus on identity assertion Establish and maintain the integrity of the chain of trust for identity management Chain of Trust Binds together: cardholder credential biometric - threat assessment - valid issuer What is printed on the card is embedded in the chip 3
4 Biometric Focus Drive towards excellence through the use of biometrics for physical access solutions ICAO/ANSI/ISO standard photograph ANSI standard fingerprint minutiae ANSI standard fingerprint pattern ANSI standard IRIS 4
5 Program Phases Today Planning Technology Evaluation Prototype East & West Coasts East, West, and FL As-Is Analysis To-Be Analysis Requirements Baseline Technology Evaluation Plan Site Survey Methodology & Performance Metrics Technology Demo Evaluate Range of Potential Technologies for Core Business Process and Requirements Multiple Facilities Five Technologies: Integrated Circuit Chip Optical Memory Stripe Magnetic Stripe Linear Bar Code 2-D Bar Code Cost-Benefit & Life-Cycle Cost Analysis Evaluate Access Technologies for Full Range of Business Processes, Policies and Requirements Biometrics Additional Facility Locations TWIC Technology Prototype (Multi-Tech Card) Policy & Processes Include: Trusted Agent Claimed ID Migration Across Region 5
6 Prototype Goals Planning To-Be Analysis Requirements Baseline Technology Evaluation Evaluate Range of Potential Technologies for Core Business Process and Requirements Prototype Evaluate Access Technologies for Full Range of Business Processes, Policies, and Requirements TWIC Prototype goals: 1. Assess performance of the TWIC identity management architecture and business processes 2. Assess performance of the TWIC credential as an access control tool 3. Assess the readiness of TWIC system to be implemented 6
7 Prototype Participants Participants include transportation workers from maritime, rail, aviation, and ground transportation facilities. Each circle represents a participating transportation facility. Oakland Pensacola Panama City St Joe McArthur Airport Philadelphia Camden Wilmington Fernandina beach Jacksonville Canaveral Long Beach/Los Angeles/LAX Tampa Manatee St Petersburg Ft Pierce Palm Beach Everglades Miami-Dade Key West 7
8 Prototype Credential Contactless Chip Magnetic stripe with FASC-N* *Federal Agency Smart Credential Number Linear 1D Barcode Integrated Circuit Chip (ICC) PDF-417 with Name, GUID* *Global Unique ID number 8
9 Overt Security Features 9
10 Chain of Trust: Prototype Components The chain of trust is a concept used in the TWIC Program that describes the nature of the relationship between the prototype system components. The chain of trust refers to the Program features that ensure personal privacy and security through people, technology, and process to obtain, transfer, and manage personal information. These include: The use of Trusted Agents, personnel who are trained and certified to handle personal information; Advanced information technology that includes such tools as encryption and biometrics to ensure the security and integrity of personal information; and Enrollment Vetting IDMS Card Production Strict standards for performance and business processes. These include system audits to evaluate and improve security. Access Control System Chain of Trust 10
11 Prototype Workflow Overview Transportation Workers 2 Sponsor 1 3 Identity Management System (IDMS) 4 Database Queries 1:n 1:n biometric biometric search search Name-Based Name-Based Terrorist-Focused Terrorist-Focused Risk Risk Assessment Assessment Office Office of of Transportation Transportation Vetting Vetting and and Credentialing Credentialing Enrollment Centers 6 5 Card Production Facility Transportation Workers 7 8 Local Facilities Numbers Indicate Workflow Order 11
12 TWIC Kiosk Allows user to: Pre-enroll for TWIC Enter initial personal data Obtain enrollment appointment Find nearest enrollment facility Be reminded of documents needed to enroll Determine status of any requested action Report lost card, address change, etc. 12
13 Prototype Regional Status The TWIC Program achieved Initial Operating Capability* (IOC) in November 2004 at four sites in PA, CA and FL, with dual interface biometrically enabled smart credentials. Twenty-six local facilities from all modes of transportation and up to 75,000 personnel will participate during Prototype phase. All 26 sites are enrollment capable Over 5,000 TWICs have been produced Over 17,000 enrollment records have been submitted *IOC included operational enrollment centers and card production facilities as well as the infrastructure in place to transmit/receive data and ship/receive cards. It also included an operational facility infrastructure capable of allowing the user to present the TWIC for proper access or denial. 13
14 TWIC Timeline Overview Dec Jan Mar May Jul Sep Nov Jan Mar May Jul Sep Nov Phase III: Prototype 11/04 - IOC 6/05 - FOC Rule Making 5/05 Preliminary (Vendor) Prototype Report 7/05 Final (TSA) Prototype Report TSA / Coast Guard Joint Rulemaking Team 4 th Quarter FY 05 Implementation Decision (KDP-3) 1 st Quarter FY 06 Implementation Phase RFP Phase IV: Implementation 1 st /2 nd Quarter FY 06 Contract 7/06 Award/Start-Up IOC 7/06 Completed Milestone Future Milestone Active Performance Period Approximate NPRM Comment Period Rule Effective Future Performance Period 14
15 Homeland Security Presidential Directive 11 and 12 HSPD 11* Sets policy for comprehensive terrorist-related screening procedures. HSPD 12** Sets policy for a common identification standard for federal employees and contractors (Secure and Reliable Forms of Identification). The TWIC Program served as a model for HSPD-12 as now stated in FIPS 201, SP and SP Requires credentials issued to be: Based on sound criteria for verifying an individual employee's identity; Strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation; Capable of rapid authentication electronically; and Issued only by providers whose reliability has been established by an official accreditation process. * For more information visit: ** For more information visit: 15
16 Current Focus Expand prototype IOC footprint to all participating facilities and workers. Continue emphasis on drafting rule to implement TWIC program for the maritime transportation mode Maintain close contact with stakeholders Prepare to analyze prototype performance data and make recommendations for implementation Continue to assure compliance with emerging credentialing standards and serve a model for an identity management and access control tool 16
17
Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005
Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005 Who Am I? How do you know? 2 TWIC Program Vision A high-assurance identity credential that
More informationTWIC Program Overview for the Smart Cards in Government Conference March 10, 2004
Transportation Worker Identification Credential (TWIC) TWIC Program Overview for the Smart Cards in Government Conference March 10, 2004 TWIC Program Vision Improve security by establishing a system-wide
More informationTWIC Transportation Worker Identification Credential. Overview
TWIC Transportation Worker Identification Credential Overview TWIC Program Vision Goals Improve the security of identity management by establishing a system-wide common credential, universally acceptable
More informationStrategies for the Implementation of PIV I Secure Identity Credentials
Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual
More informationWill Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?
Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions? Jack Radzikowski,, Northrop Grumman & FiXs Smart Card Alliance Annual Meeting La Jolla, California
More informationCredentialing Project Technical Architecture
Credentialing Project Technical Architecture Presented to Transportation Industry Association Stakeholder Meetings April 11-29, 2002 1 Agenda Overview of High Level Architecture Vision Components of Architecture
More informationUsing the Prototype TWIC for Access A System Integrator Perspective
Using the Prototype TWIC for Access A System Integrator Perspective AAPA Port Security Seminar and Exhibition, Seattle, WA July 19, 2006 Management and Technology Consultants The Challenge How do I manage
More informationFiXs - Federated and Secure Identity Management in Operation
FiXs - Federated and Secure Identity Management in Operation Implementing federated identity management and assurance in operational scenarios The Federation for Identity and Cross-Credentialing Systems
More informationHelping Meet the OMB Directive
Helping Meet the OMB 11-11 Directive March 2017 Implementing federated identity management OMB Memo 11-11 Meeting FICAM Objectives Figure 1: ICAM Conceptual Diagram FICAM Targets Figure 11: Federal Enterprise
More informationIMPLEMENTING AN HSPD-12 SOLUTION
IMPLEMENTING AN HSPD-12 SOLUTION PAVING THE PATH TO SUCCESS Prepared by: Nabil Ghadiali 11417 Sunset Hills Road, Suite 228 Reston, VA 20190 Tel: (703)-437-9451 Fax: (703)-437-9452 http://www.electrosoft-inc.com
More informationTWIC Update to Sector Delaware Bay AMSC 8 June 2018
TWIC Update to Sector Delaware Bay AMSC 8 June 2018 Agenda TWIC Program Metrics TWIC Next Generation (NexGen Physical Features) Credential Modes of Operation Canceled Card List Mobile App TWIC Assessments
More informationInteragency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008
Interagency Advisory Board HSPD-12 Insights: Past, Present and Future Carol Bales Office of Management and Budget December 2, 2008 Importance of Identity, Credential and Access Management within the Federal
More informationSingle Secure Credential to Access Facilities and IT Resources
Single Secure Credential to Access Facilities and IT Resources HID PIV Solutions Securing access to premises, applications and networks Organizational Challenges Organizations that want to secure access
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationSecuring Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS
Securing Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS Introduction The expectations and requirements on government contracts for safety and security projects
More informationJune 17, The NPRM does not satisfy Congressional intent
Comments of the Smart Card Alliance to the U.S. Coast Guard: Transportation Worker Identification Credential (TWIC) Reader Requirements Notice of Proposed Rulemaking (NPRM) Docket ID: USCG-2007-28915 June
More informationInteragency Advisory Board Meeting Agenda, Wednesday, May 23, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Revision of the Digital Signature Standard (Tim Polk, NIST) 3. Update on Content
More informationTWIC or TWEAK The Transportation Worker Identification Credential:
TWIC or TWEAK The Transportation Worker Identification Credential: Issues and Challenges for MTSA-Regulated Facility Owner/Operators THE USUAL DISCLAIMER By: Presentation at AAPA Administrative & Legal
More information000027
000026 000027 000028 000029 000030 EXHIBIT A 000031 Homeland Security Presidential Directive/Hspd-12 For Immediate Release Office of the Press Secretary August 27, 2004 Homeland Security Presidential Directive/Hspd-12
More informationUnified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP (HSPD 12) in a Trusted FICAM Platform
Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP 800 116 (HSPD 12) in a Trusted FICAM Platform In Partnership with: Introduction Monitor Dynamics (Monitor)
More informationexisting customer base (commercial and guidance and directives and all Federal regulations as federal)
ATTACHMENT 7 BSS RISK MANAGEMENT FRAMEWORK PLAN [L.30.2.7, M.2.2.(7), G.5.6; F.2.1(41) THROUGH (76)] A7.1 BSS SECURITY REQUIREMENTS Our Business Support Systems (BSS) Risk MetTel ensures the security of
More informationInteragency Advisory Board Meeting Agenda, Wednesday, February 27, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013 1. Opening Remarks 2. Discussion on Revisions Contained in Draft SP 800-63-2 (Bill Burr, NIST) 3. The Objectives and Status of Modern
More informationNew Guidance on Privacy Controls for the Federal Government
New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More informationMultiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation
Multiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation Insert Company logo here A Smart Card Alliance Educational Institute Course Multiple credential
More informationNational Transportation Worker ID Card (TWIC) Credentialing Direct Action Group Functional Requirements DRAFT
Purpose: National Transportation Worker ID Card (TWIC) Credentialing Direct Action Group Functional Requirements DRAFT 1. The primary goal of the CDAG is to fashion a nationwide transportation worker identity
More informationInteragency Advisory Board Meeting Agenda, April 27, 2011
Interagency Advisory Board Meeting Agenda, April 27, 2011 1. Open Remarks (Mr. Tim Baldridge, IAB Chair) 2. FICAM Plan for FIPS 201-2 (Tim Baldridge, IAB Chair and Deb Gallagher, GSA) 3. NSTIC Cross-Sector
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationSAC PA Security Frameworks - FISMA and NIST
SAC PA Security Frameworks - FISMA and NIST 800-171 June 23, 2017 SECURITY FRAMEWORKS Chris Seiders, CISSP Scott Weinman, CISSP, CISA Agenda Compliance standards FISMA NIST SP 800-171 Importance of Compliance
More informationHow to Plan, Procure & Deploy a PIV-Enabled PACS
How to Plan, Procure & Deploy a PIV-Enabled PACS Access Control Council Webinar Series Session Two: Facility Characteristics & Risk Assessment Introductions Randy Vanderhoof, Secure Technology Alliance
More informationTWIC Readers What to Expect
TWIC Readers What to Expect Walter Hamilton Chairman International Biometric Industry Association Walter Hamilton International Biometric Industry Association 1155 F Street, NW Washington, DC 20004 (727)
More informationMaintaining Trust: Visa Inc. Payment Security Strategy
Maintaining Trust: Visa Inc Payment Security Strategy Ellen Richey 2010 Payments Conference Chicago Federal Reserve Global Electronic Payments Protecting the payment system is a shared responsibility among
More informationEmergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery
Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery A Smart Card Alliance White Paper Publication Date:
More informationPublished Privacy Impact Assessments on the Web. ACTION: Notice of Publication of Privacy Impact Assessments (PIA).
This document is scheduled to be published in the Federal Register on 03/22/2012 and available online at http://federalregister.gov/a/2012-06847, and on FDsys.gov 9110-9L DEPARTMENT OF HOMELAND SECURITY
More informationVersion 3.4 December 01,
FIXS OPERATING RULES Version 3.4 December 01, 2015 www.fixs.org Copyright 2015 by the Federation for Identity and Cross-Credentialing Systems, Inc. All Rights Reserved Printed in the United States of America
More informationSecure Government Computing Initiatives & SecureZIP
Secure Government Computing Initiatives & SecureZIP T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents Introduction FIPS 140 and SecureZIP Ensuring Software is FIPS 140 Compliant FIPS
More informationNational Biometric Security Project
National Biometric Security Project Activity Update: 2003-2005 Biometric Consortium Conference 2005 National Biometric Security Project Mission Assist government and private sector organizations deter
More informationFIPS and NIST Special Publications Update. Smart Card Alliance Webinar November 6, 2013
FIPS 201-2 and NIST Special Publications Update Smart Card Alliance Webinar November 6, 2013 Today s Webinar Topics & Speakers Introductions: Randy Vanderhoof, Executive Director, Smart Card Alliance FIPS
More informationCONE 2019 Project Proposal on Cybersecurity
CONE 2019 Project Proposal on Cybersecurity Project title: Comprehensive Cybersecurity Platform for Bangladesh and its Corporate Environments Sector or area: Cybersecurity for IT, Communications, Transportation,
More informationNFC Identity and Access Control
NFC Identity and Access Control Peter Cattaneo Vice President, Business Development Agenda Basics NFC User Interactions Architecture (F)ICAM Physical Access Logical Access Future Evolution 2 NFC Identity
More informationPolicy on Standardization of Airport Access Security 14.May.2008
Policy on Standardization of Airport Access Security 14.May.2008 Security Solutions & Services Agenda What s happening in aviation security? What are the key policy drivers? What s happening to improve
More informationFPKIPA CPWG Antecedent, In-Person Task Group
FBCA Supplementary Antecedent, In-Person Definition This supplement provides clarification on the trust relationship between the Trusted Agent and the applicant, which is based on an in-person antecedent
More informationMobile Validation Solutions
227 Mobile Validation Solutions John Bys Executive Vice President Copyright 2007, CoreStreet, Ltd. Who has requirements? Maritime Safety Transportation Act Ports / MTSA Facilities Vehicle check points
More informationNIST Security Certification and Accreditation Project
NIST Security Certification and Accreditation Project An Integrated Strategy Supporting FISMA Dr. Ron Ross Computer Security Division Information Technology Laboratory 1 Today s Climate Highly interactive
More informationFedRAMP: Understanding Agency and Cloud Provider Responsibilities
May 2013 Walter E. Washington Convention Center Washington, DC FedRAMP: Understanding Agency and Cloud Provider Responsibilities Matthew Goodrich, JD FedRAMP Program Manager US General Services Administration
More informationFederal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance November 10, 2009 Powered by the Federal Chief Information Officers Council and the Federal Enterprise Architecture
More informationTo be covered: S&T Intro TTWG. Research/Pilots. Scope Goals Report
Personal Identity Verification- Interoperability/ First Responder Authentication Credential (PIV-I/FRAC) I/FRAC) Technology Transition Work Group (TTWG) Karyn Higa-Smith Research Program Manager Cyber
More informationTWIC Next Generation Card Design
TWIC Next Generation Card Design Authentication Guide June 2018 First issued by the Transportation Security Administration (TSA) in October 2007, the (TWIC) is a biometrically enabled card credential mandated
More informationCybersecurity Risk Management:
Cybersecurity Risk Management: Building a Culture of Responsibility G7 ICT and Industry Multistakeholder Conference September 25 2017 Adam Sedgewick asedgewick@doc.gov Cybersecurity in the Department of
More informationMaritime Cyber Security Project Work Plan. Maritime Cyber Security. Work Plan Draft
Maritime Cyber Security Project Maritime Cyber Security Draft August 8, 2016 1 INTRODUCTION On July 27, 016, the American Bureau of Shipping (ABS) received notification of award of the Maritime Cyber Security
More informationWritten Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company
Written Statement of Timothy J. Scott Chief Security Officer The Dow Chemical Company Representing The Dow Chemical Company and the American Chemistry Council To the United States Senate Committee on Homeland
More informationFederated Access. Identity & Privacy Protection
Federated Access Identity & Privacy Protection Presented at: Information Systems Security Association-Northern Virginia (ISSA-NOVA) Chapter Meeting Presented by: Daniel E. Turissini Board Member, Federation
More informationCard Issuance/Encoding & PIN Pads
Card Issuance/Encoding & PIN Pads From Card Issuance to Card Security Card Issuance/Encoding & PIN Pads Card issuers know they can put their trust in Mag- Tek. Whether meeting the growing need for instant,
More informationDISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY ATTACHMENT A A-1: BACKGROUND AND CONTRACTOR QUALIFICATIONS A-2: SCOPE OF WORK
DISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY ATTACHMENT A A-1: BACKGROUND AND CONTRACTOR QUALIFICATIONS A-2: SCOPE OF WORK GOODS AND SERVICES CONTRACTS Page 1 of 5 RFP 16-PR-DEM-33 Comprehensive All-Hazards
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More informationBiometric Use Case Models for Personal Identity Verification
Biometric Use Case Models for Personal Identity Verification Walter Hamilton International Biometric Industry Association & Saflink Corporation Smart Cards in Government Conference Arlington, VA April
More informationRevision 2 of FIPS 201 and its Associated Special Publications
Revision 2 of FIPS 201 and its Associated Special Publications Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov IAB meeting, December 4, 2013 FIPS 201-2
More informationSmart Cards & Credentialing in the Federal Government
Smart Cards & Credentialing in the Federal Government Smart Card Alliance 13 Feb 2003 Salt Lake City Bill Holcombe GSA Office of Governmentwide Policy New Urgency for Credentialing Solutions Post 9/11
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationCyber Management for Ports Results of Small Port Cyber Security Workshops
AAPA Port Governing Boards Cyber Management for Ports Results of Small Port Cyber Security Workshops MARAD and the CHCP June 2018 1200 New Jersey Ave., SE Washington DC 20590 w w w. d o t. g o v Recent
More informationPIN Entry & Management
PIN Entry & Management From PIN selection to PIN verification Card issuers and merchants know they can put their trust in MagTek. Whether meeting the growing need for instant, in-branch card and PIN issuance
More informationPhysical Access Control Systems and FIPS 201
Physical Access Control Systems and FIPS 201 Physical Access Council Smart Card Alliance December 2005 1 This presentation was developed by the Smart Card Alliance Physical Access Council. The goals of
More informationHITPC Stage 3 Request for Comments Smart Card Alliance Comments January, 14, 2013
HITPC Stage 3 Request for Comments Smart Card Alliance Comments January, 14, 2013 The Smart Card Alliance hereby submits the following comments regarding the Health Information Technology Policy Committee
More informationState of the Industry and Councils Reports. Access Control Council
State of the Industry and Councils Reports Access Control Council Chairman: Lars R. Suneborn, Sr. Manager, Technical Marketing, Government ID, Oberthur Technologies Property of the Smart Card Alliance
More informationAbout MagTek. PIN Entry & Management
About MagTek Since 1972, MagTek has been a leading manufacturer of electronic devices and systems for the reliable issuance, reading, transmission and security of cards, checks, PINs and other identification
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationThe U.S. Coast Guard s Role in Cybersecurity
The U.S. Coast Guard s Role in Cybersecurity Mr. Thomas P. Michelli Deputy Chief Information Officer U.S. Coast Guard What is Cyberspace? Domain characterized by the use of electronics and the electromagnetic
More informatione-sens Nordic & Baltic Area Meeting Stockholm April 23rd 2013
e-sens Nordic & Baltic Area Meeting Stockholm April 23rd 2013 Objectives of the afternoon parallel tracks sessions 2 Meeting objectives High level: Identification of shared interests with emphasis on those
More informationDoD & FiXs : Identity Superiority
DoD & FiXs : Identity Superiority Implementing common authentication now & into the future. The Federation for Identity and Cross-Credentialing Systems (FiXs) www.fixs.org FiXs - The Federation for Identity
More informationJordan Levesque Making sure your business is PCI compliant
Jordan Levesque Making sure your business is PCI compliant Brief overview of PCIDSS What's new in PCI DSS 3.2 Why is PCI important? Dive in! Simple things you can do to be secure Tomorrows session: What
More informationMandate. Delivery. with evolving. Management and credentials. Government Federal Identity. and. Compliance. using. pivclasss replace.
Simplifying Compliance with the U.S. Government Federal Identity Mandate The first in a series of papers on HID Global ss Federal Identity Initiative and Delivery Strategy U.S. government agencies are
More informationInteragency Advisory Board (IAB) Meeting. August 09, 2005
Interagency Advisory Board (IAB) Meeting August 09, 2005 Agenda National Institute of Standards and Technology (NIST) Discussion on Reference Implementation and Conformance Testing IAB Working Group Updates
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT December 13, 2006 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-1 RFP: TQC-JTB-05-0001 December 13, 2006 REVISION HISTORY
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationAdvanced Two-Way Metering. Looking Forward
Advanced Two-Way Metering Looking Forward June 5 2017 Seeking board guidance today Beginning Detailed Technical Design & Request For Proposal Include Opt-Out & Opt-Up Alternatives Through the RFP Chelan
More informationDHS ID & CREDENTIALING INITIATIVE IPT MEETING
DHS ID & CREDENTIALING INITIATIVE IPT MEETING October 14, 2004 Part 02 of 02 IMS/CMS Functional Specification General Issuance Requirements Issue a GSC-IS 2.1 compliant dual chip hybrid ICC/DESFire v0.5
More informationAAPA Smart Ports. Cyber Management for Ports Panel. Small Port Cyber Security Workshops. March 6, 2018
AAPA Smart Ports Cyber Management for Ports Panel Small Port Cyber Security Workshops March 6, 2018 1200 New Jersey Ave., SE Washington DC 20590 w w w. d o t. g o v Port Infrastructure Development More
More informationHow Threat Modeling Can Improve Your IAM Solution
How Threat Modeling Can Improve Your IAM Solution John Fehan Senior Consultant OpenSky Corporation October 2 nd, 2015 Agenda Evolution of Identity and Access Management (IAM) Solutions An sample IAM contextual
More informationITU-T SG 17 Q10/17. Trust Elevation Frameworks
ITU-T SG 17 Q10/17 Trust Elevation Frameworks Abbie Barbir, Ph.D. ITU-T SG 17 Q10 Rapporteur Martin Euchner SG 17 Advisor ITU Workshop on "Future Trust and Knowledge Infrastructure July 1 2016 Contents
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationDoD Software Assurance Initiative. Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS
DoD Software Assurance Initiative Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS Agenda Background Software Assurance Definition Guiding Principles for SwA DoD SwA Strategy Elements»
More informationFederal Information Processing Standard (FIPS) What is it? Why should you care?
Federal Information Processing Standard (FIPS) 140-2 What is it? Why should you care? SECURITY IS BECOMING A GROWING CONCERN The migration from TDM to IP communication networks has drastically increased
More informationInternational Standard ISO/IEC 17799:2000 Code of Practice for Information Security Management. Frequently Asked Questions
November 2002 International Standard ISO/IEC 17799:2000 Code of Practice for Information Security Management Introduction Frequently Asked Questions The National Institute of Standards and Technology s
More informationSupply Chain (In)Security
Supply Chain (In)Security IEEE Cybersecurity Speaker Chris Webb Partner, Security Practice Orange County, California 20+ years of experience developing, securing, and managing enterprise systems. Specializes
More informationNational Infrastructure Protection Plan (NIPP) Transportation Sector Specific Plan (TSSP) and The TSSP R&D Working Group
National Infrastructure Protection Plan (NIPP) Transportation Sector Specific Plan (TSSP) and The TSSP R&D Working Group AASHTO Special Committee on Transportation Security & The National Cooperative Highway
More informationThe next generation of knowledge and expertise
The next generation of knowledge and expertise UNDERSTANDING FISMA REPORTING REQUIREMENTS 1 HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404
More informationUsing PIV Technology Outside the US Government
Using PIV Technology Outside the US Government Author: Bob Dulude Publishing: 10/19/15 Introduction A common perception of many who have heard of the US Government s Personal Identity Verification (PIV)
More informationSecurity Management Models And Practices Feb 5, 2008
TEL2813/IS2820 Security Management Security Management Models And Practices Feb 5, 2008 Objectives Overview basic standards and best practices Overview of ISO 17799 Overview of NIST SP documents related
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationSection 1: Assessment Information
Section 1: Assessment Information Instructions for Submission This document must be completed as a declaration of the results of the merchant s self-assessment with the Payment Card Industry Data Security
More informationStrong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing LANCEN LACHANCE VICE PRESIDENT PRODUCT MANAGEMENT GLOBALSIGN WHAT YOU WILL LEARN TODAY 1 2 3 Examining of security risks with smart connected products Implementing
More informationCyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016
Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations Arkansas Joint Committee on Energy March 16, 2016 CenterPoint Energy, Inc. (NYSE: CNP) Regulated Electric and Natural Gas Utility
More informationDFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017
DFARS 252.204-7012 Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017 As with most government documents, one often leads to another. And that s the case with DFARS 252.204-7012.
More informationBiometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange. LTC Eric Pavlick PM, Biometric Enabling Capabilities
Biometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange LTC Eric Pavlick PM, Biometric Enabling Capabilities 30 JULY 2013 BEC Inc 1 Agenda Program Overview LTC Eric Pavlick, Product
More informationWhat's New in CTPAT. Logo and Abbreviation Current Membership Trusted Trader Best Practices Minimum Security Criteria Outreach/Training
What s New Our Mission Detect and prevent terrorists and terrorist weapons from entering the United States, while facilitating the orderly and efficient flow of legitimate trade and people at and through
More informationAir Entry/Exit Re-engineering (AEER)
Air Entry/Exit Re-engineering (AEER) Homeland Security Science & Technology Advisory Committee (HSSTAC) April 8, 2014 Bob Burns Director, Apex AEER Project Homeland Security Advanced Research Projects
More informationThe J100 RAMCAP Method
The J100 RAMCAP Method 2012 ORWARN Conference Kevin M. Morley, PhD Security & Preparedness Program Manager AWWA--Washington, DC Water is Key to Daily Life Potable drinking water Sanitation Public Health
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More information