Mobile Validation Solutions

Similar documents
Interagency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008

Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery

Strategies for the Implementation of PIV I Secure Identity Credentials

To be covered: S&T Intro TTWG. Research/Pilots. Scope Goals Report

Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop

Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011

Karyn Higa-Smith, Research Program Manager

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

Federated Access. Identity & Privacy Protection

Creating an Interoperable Framework A General Discussion Screening Coordination Office May 5, 2009

Technology Advances in FEMA Response and Recovery to Disasters

Multiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation

Strategies for the Implementation of PIV I Secure Identity Credentials

Mandate. Delivery. with evolving. Management and credentials. Government Federal Identity. and. Compliance. using. pivclasss replace.

STANDARD OPERATING PROCEDURE Critical Infrastructure Credentialing/Access Program Hurricane Season

2013 STRATEGIC PLANNING SCHEDULE

TWIC / CAC Wiegand 58 bit format

DHS ID & CREDENTIALING INITIATIVE IPT MEETING

Marine Security Overview

TWIC Readers What to Expect

Leveraging HSPD-12 to Meet E-authentication E

TWIC Transportation Worker Identification Credential. Overview

DHS FEMA Region IX Response Operations

Interagency Advisory Board Meeting Agenda, April 27, 2011

(PIV-I) Trusted ID across States, Counties, Cities and Businesses in the US

Securing Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS

PIV-Interoperable Credential Case Studies

Office of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC)

FiXs - Federated and Secure Identity Management in Operation

Single Secure Credential to Access Facilities and IT Resources

TWIC Program Overview for the Smart Cards in Government Conference March 10, 2004

Interagency Advisory Board Meeting Agenda, February 2, 2009

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

National Transportation Worker ID Card (TWIC) Credentialing Direct Action Group Functional Requirements DRAFT

US Federal PKI Bridge. Ram Banerjee VP Vertical Markets

National Level Exercise 2018 After-Action Findings

Published Privacy Impact Assessments on the Web. ACTION: Notice of Publication of Privacy Impact Assessments (PIA).

Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?

Helping Meet the OMB Directive

Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005

Managing PIV Life-cycle & Converging Physical & Logical Access Control

2 ESF 2 Communications

Version 3.4 December 01,

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Secure Lightweight Activation and Lifecycle Management

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

g6 Authentication Platform

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Introduction to the National Response Plan and National Incident Management System

New Madrid Earthquake Catastrophic Planning Project Overview

The Office of Infrastructure Protection

Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP (HSPD 12) in a Trusted FICAM Platform

IA2. Flood (Including Dam Failure)

Credentialing Project Technical Architecture

TWIC Implementation Challenges and Successes at the Port of LA. July 20, 2011

Thursday, May 15. Track D Security & Access Control

National Identity Exchange Federation. Trustmark Signing Certificate Policy. Version 1.0. Published October 3, 2014 Revised March 30, 2016

Section 1 Metrics: Community Adoption

Leveraging the LincPass in USDA

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

Technical Trust Policy

Kansas City s Metropolitan Emergency Information System (MEIS)

AUTOMATED RESOURCE MANAGEMENT SYSTEM (ARMS)

FPKIPA CPWG Antecedent, In-Person Task Group

The U.S. Coast Guard s Role in Cybersecurity

There is an increasing desire and need to combine the logical access and physical access functions of major organizations.

New York City Emergency Management Public/Private Collaboration and Support

UF CEMP Support Group Annex: Public Safety

DirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure

Manatee County Government Administrative Center Commission Chambers, First Floor 9:00 a.m. - August 24, 2017

Local Government Disaster Planning and what can be learned from it.

National Incident Management System and National Response Plan. Overview

Perspectives from the U.S. Federal Communications Commission: Lessons Learned on ICTs in Disaster Prevention and Relief

No More Excuses: Feds Need to Lead with Strong Authentication!

IMPLEMENTING AN HSPD-12 SOLUTION

Document Section: 3. Interoperability

Federal PKI. Trust Store Management Guide

June 17, The NPRM does not satisfy Congressional intent

State of the Industry and Councils Reports. Access Control Council

Smart Cards & Credentialing in the Federal Government

Engaging Maryland toward CAV advancements Christine Nizer, Administrator

HSPD-12 : The Role of Federal PKI

Interagency Advisory Board Meeting Agenda, February 2, 2009

Homeland Security: Requirements for Installation Security Decision Support Systems. Battle Command Battle Lab Gordon

Business Continuity and Disaster Recovery. Pennsylvania Emergency Management Agency (PEMA) Satellite Warning System/Rapid Notification Network

TWIC Reader Technology Phase

Identity Management (IdM) is a crosscutting focus area for DHS

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

An Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication

National Response Plan & Nuclear/Radiological Incident Annex. OSC Readiness Training November 17, 2004

Using PIV Technology Outside the US Government

Executive Director: Russell J. Strickland Chief of Staff: Terry Thompson Director: Dave McDonough Director: Kate Hession Director: Robert Thomas

Civil Air Patrol. National Incident Management System (NIMS) 2016 Refresh Lt Col Bob Ditch HQ CAP/DOSI CITIZENS SERVING COMMUNITIES

REGIONAL UTILITY COORDINATION PLAN. Portland, Oregon / Vancouver, Washington Metropolitan Area

PREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT

What Why Value Methods

Interagency Advisory Board Meeting Agenda, Wednesday, June 29, 2011

Utilizing Terrorism Early Warning Groups to Meet the National Preparedness Goal. Ed Reed Matthew G. Devost Neal Pollard

NMSAC. Industry update. AAPA Security & Safety Seminar Wade Battles Managing Director Port of Houston Authority

April 5, Subject: DHS Multi-Agency Operation Centers Would Benefit from Taking Further Steps to Enhance Collaboration and Coordination

Transcription:

227 Mobile Validation Solutions John Bys Executive Vice President Copyright 2007, CoreStreet, Ltd.

Who has requirements? Maritime Safety Transportation Act Ports / MTSA Facilities Vehicle check points on land and water Physical Access Control (PACS) Extending to unconnected locations PIV Credentials in leased facilities Emergency Response Officials (EROs); Federal and State Ability to read and validate other standard card types and assigned attributes FIPS 201/PIV DoD CAC (carried by USCG & National Guard) First Responder Authentication Credential (FRAC) PIV and PIV-I

Why do we need mobile validation? Can I trust this person is who they claim to be? Are they qualified to be here at this moment? Is the information they are presenting to me from a trusted source? Who has entered and exited and how long were there?

Distributed OCSP CAs CRL CoreStreet Validation Authority In Secure Facility requires trust = (physical and data security) Pre-signed OCSP Responses (DMZ) Responders Located on web Servers, Customer Facilities or anywhere a web server can reside) OCSP Response Relying Parties

Transportation Workers Identity Credential TSA / TWIC Hotlist

Mobile Requirements Strong Identity Vetting from Trusted Sources Off Card attributes allows dynamic, local management of that information without having to touch the card No PII on mobile devices Electronic Validation of Identity and Attributes Ability to share this information across agencies Functionality in Lights-Out / Comms-Out Leverage existing standards and success

Off Card Attributes Lessons Learned Certificate & Identity Issuing Authorities Identity & Privilege Lists ID & Priv. -Identity is Static - Long Lived Identity Credential - FIPS201 / PIV -Attributes are Dynamic - Can be updated without touching the card -Attributes assigned to credentials issued by another trusted party Attribute Sources F/ERO DB PACS Head End - Identity and Privilege List -Combines the Strength of a Strong Identity with the most current attributes that can be electronically verified as current, valid, and from a trusted source -Must NOT Contain ANY PII

Organizational Model Certificate & Identity Issuing Authorities Identity & Privilege Lists IPL Management Station (s) Locally Deployed Attribute Sources F/ERO DB PACS Head End

On Scene Operations -Comms-out Lights-out - No External Connectivity During the Incident Needed - Local decisions, local accountability - Identity and KSAs pre-vetted Accountability Management Station (s) Locally Deployed

F/ERO Interoperability Layer State of CO CO Bridge FEMA Repository Pentagon Force Protection Agency FEMA Management Station (s) Locally Deployed National Guard (DoD) State of Hawaii Colorado Management Station (s) Locally Deployed

National Interoperability for Mutual Aid Colorado GDIT Hosted PKI Accountability & Incident Command Systems State of CO CO Bridge GSA MSO 40 Subscribing Agencies FEMA Repository Comm of PA PKI Comm. Of PA FEMA Management Station (s) Locally Deployed ESAR VHPs DoD PKI Base/Agency National Guard (DoD) State SSP PKI CFI, GDIT, VzB, IDMS s Other States & Fed Agencies Colorado Management Station (s) Locally Deployed

DHS/FEMA Interop Demonstrations 2/23/06 Winter Fox: Federal, State, Local Host: Pentagon Validation: ESF-13 (Law Enforcement) Multi-Jurisdiction Interoperability 5/18/06 Eligible Bridge: Public & Private Sectors Host: George Washington University Validation: ESF-5 (Emergency Management) Public/Private Interoperability 6/8/06 AT&T: Private Sector ID eauthentication Host: AT&T Validation: ESF-2 (Communications) eauthentication 6/21/06 Forward Challenge: DHS ID eauthentication Host: DHS Validation: ESF-5 COOP/COG Evacuation Visibility/Manifest Tracking 7/20/06 Maritime Interoperability Demonstration: Public & Private Ports Host: US DOT Validation: ESF-1 (Transportation) Multi-Port Access Visibility/Tracking 12/8/06 Capital Shield: National Guard Host: National Guard Validation: DC National Guard, West Virginia National Guard 2/15/07 Winter Storm: Federal, State, Local Host: Pentagon Validation: ESF 1 - ESF 4 ESF 5 ESF 8 ESF 9 ESF 13 - Common Access Cards, & Licenses 7/12/07 Volant Freight I, Fed, State, Local Host: DHS COOP COG Recloation 7/19/07 Summer Breeze, Fed, State, Local Host: DHS, FEMA, NCRC, DOD, PFPA Highlighted federal, state, local, and private sector identity interoperability 3/6/08 Winter Blast, Fed State Local Host: FEMA & & HHS Primary Focus: National Response Framework Emergency Support Function 8 5/7/08 NLE 2-08, Fed State Local Host: DHS/FEMA Real-Time tracking of relocated government personnel while traveling to COOP/COG alternative sites after disaster 5/15/08 Spring Blitz Fed State Local Host: Tampa Fire Rescue/ FEMA Demonstrate Routine and Emergency Access to secured facility during a large sporting event 7/23/08 Summer Sizzle Federal, State, Local Host: DHS COOP COG Relocation 9/16/08 Volant Freight II Federal, State, Local Host: State of VA Governors Office / FEMA COOP COG Relocation

Summary Utilize PIV and PIV-I Credentials DoD CAC - Common Access Cards including National Guard TWIC Transportation Workers Identity Credential FRAC First Responder Authentication Credential Local Management of Qualifications and Identity Local Issuance of Identity Credentials In Hand Status of Credentials and Qualifications From every program participant at state and federal levels Operational in lights-out/comms-out scenarios Leveraging the Standards and Successes of Millions of Cardholders Implements Migration and Future Proofing Capabilities

Contact Information John Bys Executive Vice President CoreStreet, Ltd. Cell +1.860.985.0400 Email jbys@corestreet.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback