Policy on Standardization of Airport Access Security 14.May.2008
- Annabel Montgomery
1 Policy on Standardization of Airport Access Security 14.May.2008 Security Solutions & Services
2 Agenda
- What's happening in aviation security?
- What are the key policy drivers?
- What's happening to improve the situation?
3 Six events, all at once
- Security breaches
  - Picked up by the press
  - OMG factor
- Leads to Congressional action
- Consortium/Association actions
- DHS/TSA regulatory initiatives
- TSA specifications
- Rumored HSPD on biometrics for airports
Oy
4 Generalized Weaknesses for IdM-CIS
(Weaknesses are numbered, specific aspects are lettered)
1. Inappropriate Granting of an ID Card (or unwarranted Credential approval)
   a. Undetected ineligibility based on citizenship/immigration status
   b. Undetected previous derogatory information - DHS
   c. Undetected previous derogatory information - Criminal
   d. Undetected previous derogatory information - Employment
   e. Mis-adjudicated identified derogatory/eligibility information - all sources
   f. Insider support to avoid disqualification
   (NOTE: in items a-f, consideration must be given to both proactive imposters and inadvertent oversights/errors. Proactivity could take the form of aliases, false SSN, forged/tampered breeder documents, collusion, etc.)
2. Fraudulent use of Active ID Card by Imposter
   a. Lost and unreported ID Card
   b. Stolen ID Card (and possibly PACS PIN) prior to reporting as stolen
   c. Cloned ID Card (and possibly PACS PIN)
   d. Spoofing biometrically enabled ID Card
3. Uncontrolled Revoked ID Card
   a. Local Privileges not removed with knowledge of ID revocation
   b. Local Privileges not removed due to absence of knowledge of revocation (e.g. transient employees with PACS Interoperable ID Card)
      i. Failure to report revocation by sponsor to issuer
      ii. Failure to report revocation by issuer to central services
      iii. Failure to request revocation information from central service
      iv. Failure to disseminate revocation information to PACS decision points
      v. Failure to validate revocation status at decision point
   c. Gain access at unattended, PACS controlled entry point using piggybacking (incidental)
   d. Gain access at unattended, PACS controlled entry point using piggybacking (collusion)
   e. Gain access at attended (not PACS controlled) entry point (photo sufficient likeness, human Identity verification error by attendant, attendant not diligent, etc.)
(NOTE: italicized items are not IdM-CIS related issues, but rather are PACS related or external)
5 [Diagram: airport access zones. Labels include LANDSIDE Public Terminal Area (taxi, bus, limo, courtesy vans, rental cars, train, curbside check-in, parking, checkpoint, exit), Sterile Terminal Area (gates, FIS, utility tunnel), Air Operations Area (AOA), Secured Area & SIDA, and surrounding functions: vendor supplies, ATC, catering, construction vehicles & changes, fuel, aircraft maintenance, ARFF/structural, employee parking, airport maintenance & vehicles, trash, cargo/mail (remote or in-terminal), FBO/GA, military & joint use, natural barrier. Control labels: CHRC/ID, ACS, Escort, Challenge, T&D, DDR, LEO, EAA/TSP.]
6 Who Owns the Problem?
- By regulation and current law
  - Airports
  - Full ID verification to make an access decision
  - ID Proofing may have been done by the employer
  - Threat assessment
    - Federal component
    - Local component
  - Issuance, activation and revocation
- In the future
  - ID Proofing by DHS?
  - Why are airports liable for the failure of EEV, STA, SAVE, etc.?
7 Many Parallel Events
- 14.March: Federal Identity and Credentialing Committee's architecture working group published the draft Back-end Attribute Exchange Architecture and Technical Specification (BAE Spec)
- 1.April: National Institute for Standards and Technology published Special Publication (SP ) in draft form
- 2.April: AAAE forms the Biometric Airport Security Identification Consortium (BASIC)
- 29.April: RTCA Special Committee 207 voted approval and completion of its work on the revisions to the DO-230A. This work is anticipated to publish as the DO-230B in June
- April: The TSA just published to airports their draft Aviation Credential Interoperability Solution (ACIS) Technical Specification to the aviation community
- 7.May.2008: HR 5982???
- HSPD?
8 Congressional H.R
The Biometric Enhancement and Airport-Risk Reduction (BEAR) Act of 2008
The bill requires:
- The Transportation Security Administration (TSA) to study existing and proposed industry programs that enhance our biometric security systems at airports.
- TSA to study how airports can transition to uniform, standards-based and interoperable biometric identifier systems for airport workers with unescorted access.
- TSA to submit to Congress a breakdown on best practices for issuing biometric credentials for airport workers.
- The Secretary of Homeland Security to spearhead a working group with industry stakeholders to strengthen private and public partnerships as they support the Secretary and Assistant Secretary in carrying out this Act.
9 ID and Systems managing the risk
- RTCA DO-230B takes a System of Systems approach
- Offensive strategies for positive controls
  - IdM-CIS
  - PACS
- Defensive and response strategies
  - Intrusion Detection and Perimeter Detection
  - Video Surveillance
- Central to all
  - Communications infrastructure
  - Security Operations Center (SOC)
- New territories
  - Interoperable credentials
10 What is the key driver?
- Identity Assurance for an access decision
- FIPS 201 compliant technology and processes
- Credentials defined have three missions
  - Personal Identity Verification (biometrics)
  - Physical Access PACS
  - Logical Access (PKI) LACS
- FIPS 201 is critical enabling technology
  - Defines opportunity for Convergence between PACS and LACS
  - More importantly Identity Assurance
11 Depending on your point of view FIPS 201 is upside down!
- HSPD-12 drove Federal Agencies to converged ID
  - Extensive use of PKI in Federal applications
  - FIPS 201 was driven by PKI policies and methods
  - PACS was secondary
  - Focused on interoperability across the federal enterprise
- Aviation environment defined by DO-230B
  - Driven by Physical Access for safety and security of airport facilities and personnel
  - Logical access using PKI is mentioned, but not exploited
  - In airports, interoperability is _not_ required
  - For the moment, that is
12 Consider the Opportunities
- Identity Assurance
  - Confidence in WHO we are granting access to assets
- Convergence
  - One person, one ID card, common understanding of access
  - Revoke the ID card, revoke all access to the airport's networks, systems and services
  - Using PKI login
    - DoD experience: 90% reduction in penetration of critical systems
- Coordinated Identification Friend/Foe
13 System of Systems
14 [Diagram: trust model. Labels: Establish Trust; Transfer Trust; Person/Subject; Identity Authority; Application Authority; Identity Assertion; Attribute Certification; Subject Verification; Link at enrollment and vetting; Link at use; Link at privilege granting.]
An ID card asserts the identity of the legitimate cardholder, but may not grant explicit privilege
15 [Diagram: credential lifecycle workflow. Labels as transcribed: External revocation (Federal/State/Local); Business Suitability; Sponsor; Collect Biographic; Collect Biometric; Send enrollment; Collect/examine Breeder; Collect/examine sponsorship; Sign complete enrollment; STA/CHRC; Revoke; Evaluate Enrollment data; Adjudicate; Resolve disputes; Redress; Data; Issue; Renew; Re-issue; Re-Enroll; Confirm applicant Identity; Finalize card; Confirm operation; Check Duplicate aviation wide; Identify local duplicates; Receive; Secure prior to issuance; External Duplicate ID Service (aviation wide); Print; Personalize; Control Inventory; Send/Ship cards; PACS/LACS.]
16 [Diagram: roles through the credential process. Labels as transcribed: Sponsor; Subject; Applicant; Apply; Trusted Agent; Enroll & Approve; Participant; Bearer; Issue Card; Cardholder; Register to PACS; Imposter Cardholder; Authorized Cardholder in ISSA.]
17 Threat/Risk Assessment
[Diagram: ID Management and Credential Issuance System. Labels as transcribed: Gateway svcs; DHS/TSA; EAA; TSP; 1:n Biometrics; PACS; Gateway; IDMS; CMS; Cert Auth; Applicant; Enrollment; Issuance Workstation; Cardholder.]
18 Threat/Risk Assessment
[Diagram: ID Management and Credential Issuance System with 3rd Party Shared Service Providers. Labels as transcribed: 1:n Biometrics; Airport Owner/Operators; Airlines; DHS; Gateway; SSP Cert Auth; Card Production Facility; Local Law Enforcement; IDMS; PACS; CMS; Applicant; Enrollment; Issuance Workstation; Cardholder.]
19 Threat/Risk Assessment
[Diagram: ID Management and Credential Issuance System. Labels as transcribed: SSP Cert Auth; 1:n Biometrics; Applicant; IDMS; CMS; Enrollment; Card Production Facility; Participant; Issuance Workstation; Cardholder; Registrant; Registration Workstation; PACS; Gateway.]
20 [Diagram: identity record data model. Labels as transcribed: Minimal ID Record (Never divulged); Person ID; PI; Pointer; ID Binding; Encrypted at rest; Credential Data Tables (Driver's License, Passport, Social Security Card, TWIC, ACIS credential, SIDA 1 lost, SIDA 2 expired, SIDA 3 current); Breeder Documents; Operational/Issued Customer Credentials; Svc Info; Operational Security Info; Attribute Data Tables (Fingerprint Images, Iris Images, Facial Image, Fingerprint Templates, Name, Addr, Contact, Status, Audit, Activity).]
21 [Diagram. Labels as transcribed: SSP Cert Auth; PACS; Gateway; IdM-CIS; PACS Appliance.]
22 [Diagram. Labels as transcribed: SSP Cert Auth; PACS; Gateway; IdM-CIS; Registration Workstation; Applicant.]
23 [Diagram. Labels as transcribed: SSP Cert Auth; PACS; Gateway; IdM-CIS; Enrollment; Registration Workstation; Applicant; Access Card.]
24 [Diagram: two linked systems. Labels as transcribed: SSP Cert Auth (two instances); Gateway; Attributes; PACS; IdM-CIS (two instances); Registration Workstation; Applicant.]
25 Summary about Interoperable ID
- ID is not the end game
  - Need both offense and defense involved
  - Recognize challenges of our real world security
  - Not just about me, more about situational awareness
- Interoperability is an end game, the critical tool
  - Enables management of situations
  - Reduces costs, security risks
  - Improves efficiency
- Shared Services are critical
  - Duplication checking reduces ID fraud and known risks
  - Secure ID can be expensive
  - Share the load
26 TSA ACIS
- ACIS, in current draft, enables
  - Phase 1 - Identity Assurance, through a standardized ACIS credential and trust model, supporting local decisions for access control
  - Phase 2 - Field challenge programs for identity within an airport
  - Phase 3 - Over time, the opportunity for an interoperable access tool
- Carefully designed, it does not specify contactless operations until phase 3
  - Allows use of existing PACS infrastructure
  - Supports migration planning
  - Allows time for interoperable contactless biometric application to be developed
27 BASIC
- BASIC Concept of Operations thumbnail: Airports participating in BASIC have identified several key principles that must be part of any future biometric-based badging and access control systems, including:
  - Safeguards on local control and issuance of credentials,
  - Leveraging of existing capital investments and resources,
  - Open architecture and local determination of qualified vendors, and
  - Phased implementation that migrates over time.
- No public meetings yet. These are anticipated soon.
- Should gain significantly from prior art
  - RTCA DO-230B
  - ACIS specification
  - RTIC process (not necessarily resulting spec)
28 Concerns to Manage
- Federation
  - When and if it is needed
- Privacy and security
  - Of the information in the credential
  - Of the information in databases/on networks
  - Of the information printed on the credential
  - Against attackers
  - By policy and law
- Weighed against
  - Operational need
  - Expectations of the bearer
29 ID coming to you
- Federal Initiatives advance around FIPS 201
  - Drives lower costs of total system ownership
  - Mitigates risks for fraudulent access
- Impacts parallel environments
  - Hospitals
  - Airports
  - Enterprise seeking to do business with Government
  - Enterprise with extranet relationships
- Opportunities to exploit OpenID
  - Use of a secure ID in your customer relationship
30 Significant Areas Yet to be Addressed
- Identity Assurance technology for interoperability is there
- Policies and cultures yet to be updated
  - Visual ID challenge programs vs. Electronic challenge
- Trust infrastructures
  - Federal Bridge availability
  - Access to NACI or ability to define equivalency
- Technologies to finalize gateways
  - Look to Back-End Attribute Exchange Specification by GSA AWG
31 Thank You!
Stephen P. Howard, VP Business Development, Identity Management, Thales e-security, Inc
More informationThe epassport: What s Next?
The epassport: What s Next? Justin Ikura LDS2 Policy Sub-Group Co-chair Tom Kinneging Convenor of ISO/IEC JTC1 SC17 WG3 International Organization for Standardization (ISO) Strengthening Aviation Security
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationDepartment of Defense. Installation Energy Resilience
Department of Defense Installation Energy Resilience Lisa A. Jung DASD (Installation Energy) OASD(Energy, Installations and Environment) 19 June 2018 Installation Energy is Energy that Powers Our Military
More informationDoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics
DoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics IDENTITY Mary Dixon February 12, 2003 1 A Short Review and Update 2 DoD is issuing 4 million smart cards to: Active Duty Military
More informationIdentity Proofing Standards and Beyond
Solutions for Health Care Providers Identity Proofing Standards and Beyond Kimberly Little Sutherland LexisNexis Risk Solutions Sr. Director, Identity Management Solution Strategy Agenda Identity Proofing
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Risk Monitoring Risk Monitoring assesses the effectiveness of the risk decisions that are made by the Enterprise.
More informationNEW DIPLOMA. Airport Security Diploma Programme
NEW DIPLOMA Airport Security Diploma Programme Airport Security Diploma Programme Contributing towards a secure airport environment Mission Improving the effectiveness and efficiency of security at your
More informationCYBERSECURITY FEDERAL UPDATE. NCSL Cybersecurity Task Force
CYBERSECURITY FEDERAL UPDATE NCSL Cybersecurity Task Force FY 2018 BUDGET BLUEPRINT President s Management Agenda Identifies cybersecurity as a critical area to improving the federal government Department
More informationFISMAand the Risk Management Framework
FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON
More informationNo More Excuses: Feds Need to Lead with Strong Authentication!
No More Excuses: Feds Need to Lead with Strong Authentication! Dr. Sarbari Gupta sarbari@electrosoft-inc.com Annual NCAC Conference on Cybersecurity March 16, 2016 Electrosoft Services, Inc. 1893 Metro
More informationCybersecurity and Data Protection Developments
Cybersecurity and Data Protection Developments Nathan Taylor March 8, 2017 NY2 786488 MORRISON & FOERSTER LLP 2017 mofo.com Regulatory Themes 2 A Developing Regulatory Environment 2016 2017 March CFPB
More informationCRS Report for Congress
Order Code RL32531 CRS Report for Congress Received through the CRS Web Critical Infrastructure Protections: The 9/11 Commission Report August 16, 2004 John Moteff Specialist in Science and Technology
More informationFACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?
FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit
More informationNETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS
NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS Scope and Applicability: These Network and Certificate System Security Requirements (Requirements) apply to all publicly trusted Certification Authorities
More informationdataedge CA Certificate Issuance Policy
Classification of Digital Certificate Digital Certificates are classified upon the purpose for which each class is used and the verification methods underlying the issuance of the certificate. Classification
More informationDissecting NIST Digital Identity Guidelines
Dissecting NIST 800-63 Digital Identity Guidelines KEY CONSIDERATIONS FOR SELECTING THE RIGHT MULTIFACTOR AUTHENTICATION Embracing Compliance More and more business is being conducted digitally whether
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Chemical Facility Anti-Terrorism Standards (CFATS) Update for Roof Coatings Manufacturers
More informationIAB Minutes Page 1 of 6 April 18, 2006
IAB Minutes Page 1 of 6 The Interagency Advisory Board (IAB) meeting convened on Tuesday, April 17, 2006 at 9:15 AM at the Sheraton National Hotel in Arlington. After opening remarks by Randy Vanderhoof
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationMandate. Delivery. with evolving. Management and credentials. Government Federal Identity. and. Compliance. using. pivclasss replace.
Simplifying Compliance with the U.S. Government Federal Identity Mandate The first in a series of papers on HID Global ss Federal Identity Initiative and Delivery Strategy U.S. government agencies are
More informationSOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
More informationGallagher Airport Security Solutions. aviation sites around the world trust security management solutions from gallagher
Gallagher Airport Security Solutions aviation sites around the world trust security management solutions from gallagher www.gallaghersms.com 2 Airport Security and Access Management Solutions Single management
More information2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat
2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat Faye Francy Aviation ISAC February 2015 Company Organization Corporate Defense, Space & Security Boeing Capital Corporation
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More informationAn Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication
An Overview of Draft SP 800-157 Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More information