Leveraging the LincPass in USDA
Two-Factor Authentication, Digital Signature, Enterprise VPN, eAuth Single Sign-On
February 2010
USDA Takes Advantage of the LincPass

USDA is taking advantage of the LincPass (USDA's FIPS-201 compliant PIV card) for more than just identity.

Two-Factor Authentication
- First rolled out for laptop users, then to desktop computers
- Uses the LincPass + PIN to authenticate to Agency domains (and soon for physical access)
- Integration with USDA eAuthentication

Digital Signature
- Uses the digital signature certificate on the LincPass
- Enables users to digitally sign documents (e.g., PDFs, Word docs, etc.) and emails
- Working with Agencies to streamline processes to take advantage of digital signatures and reduce paper shuffling
- Working with application developers and COTS providers to make use of LincPass digital signature capabilities
Innovations & Operational Architecture (IOA) Selection & Rollout

IOA Mission: Provide USDA-wide direction to identify, architect, and implement emerging technologies and solutions in a timely manner to enhance the delivery and quality of business.

[Diagram: IOA lifecycle of Initiate, Plan, Execute and Transfer, with Communications running throughout. Inputs: Agency Input, Federal Input, Policy & Regulation, Industry Trends, Emerging Technologies, FEA/FSAM Input; Baseline Business Architecture, Baseline IT Architecture, Portfolio Assessment, Gap Analysis, Business Requirements Analysis and Portfolio Selection under a Direct/Select/Govern/Measure/Control loop. Initiate: Project Charter, Preliminary Scope Statement, Business Cases, Deliverable List (WBS), Identify Stakeholders, Develop Use Cases, Requirements Specification, Detailed Process Maps, Business Case. Plan: Communication, Marketing, Risk Management, Quality, Project, Test, Training, Help Desk, Transition and Procurement Plans, Project Governance, Roadmap. Execute: direct and manage completion of deliverables; interaction, direction, and coordination with the implementation team; Architecture. Transfer: implement Transition Plan, deliver Operations Guide, operational governance (Quality Control & Change Control), Project Plan. Brief, Roadmap, Architecture and Project Plan each progress to Version 2.0.]

Methodology
- Business need drives solution selection
- Project plans include design, testing & proof of concept (pilot), marketing, funding plans, and ownership agreements
- Rollout plans involve proactive engagement of agency leadership, technical staff, training and help desk staff, and users
Next Projects for LincPass Utilization

Enterprise VPN
- Enables remote access to USDA networks
- Employs network admission control policies to ensure both the user and the device are authorized
- Remote access to USDA networks requires two-factor user authentication, and the Enterprise VPN leverages the LincPass credential to meet this requirement

eAuthentication Single Sign-On
- USDA's eAuthentication Service (a key component of the USDA Identity, Credential, and Access Management (ICAM) vision) provides common authentication and single sign-on services for over 300 USDA Web-based applications
- Level 1, 2, or 3 accounts have been issued to over 300,000 USDA employees, contractors, and external customers
- Will be leveraging the USDA LincPass as a level 3 credential for USDA employees and contractors, resulting in single sign-on for those users
Status: Enterprise VPN

Initial Project Scope
- Implement a common remote network access solution for all USDA sub-agencies
- Implement enterprise-wide network admission control and endpoint health policies
- Leverage the LincPass to ensure two-factor user authentication

USDA Pilot Agencies:
- Farm Service Agency
- Natural Resources Conservation Service
- Rural Development Agencies (Rural Housing Service, Rural Utilities Service, Rural Business-Cooperative Service)
- Food and Nutrition Service

Project Status
- Completed enterprise infrastructure deployment
- Completed user acceptance testing and integration with the LincPass
- Executing agency pilots
- Planning for full agency deployments

Benefits:
- Two-factor user authentication for remote network access
- Network admission control and endpoint health monitoring
- Tight integration with USDA's Identity, Credential and Access Management (ICAM) solution
- Automated monitoring, auditing, and reporting capability to meet FISMA and A-123 requirements
- Compliance with NIST and Departmental policies on remote network access
Status: eAuthentication Single Sign-On

Initial Project Scope
- Expand the eAuthentication Service to leverage the LincPass as a level 4 assurance credential
- Use the HSPD-12 PIV-1 background investigation process to improve identity proofing

Project Status
- Completed solution development and testing
- Planning for initial agency pilot
- Schedule full Department deployment

Benefits:
- LincPass integrated
- Increased security level access based on two-factor authentication
- Improved user experience: reduces the number of ID and password credentials you have to remember
- Reduced Department help desk workload (password resets, forgotten user IDs, etc.)
- Single credential for both LACS & PACS
- Leveraging the LincPass in USDA for authentication, digital signing, and in the future encryption
Status of Digital Signatures Project

Initial Project Scope
- Adobe Acrobat files and forms, versions 8 & 9
- Microsoft Office (Word, Excel, PowerPoint), versions 2003 & 2007
- Microsoft Outlook, versions 2003 & 2007

USDA Pilot Agencies:
- OES: Federal Register publishing. Business process under review & approval.
- APHIS: Forms Integration Project. Development in research and planning.
- FS: FMMI & Paycheck8. Project in technical development & rollout planning.
- OASCR: General document management. Reviewing current business processes for integration.
- ARS: Application integration. Reviewing current applications for integration.
- OCIO: AAR management / submission. Business process under review for update and approval.

Project Status
- Completed proof of functionality, QA, and pilot rollout on Adobe and Microsoft products
- Completed project planning, rollout methodology, and processes
- Completed all documentation and training materials
- Feb. 2010: Distribute communication to Agency CIOs on Digital Signatures
- March 2010: Developing policy with OCIO Cyber Security and OGC

Benefits:
- LincPass integrated
- Assurance that the information has not been altered since it was sent
- Provides a digital signature certificate that can be used for a non-repudiable digital signature
- Verification of the signer's digital identity
- Efficient, time-saving, cost-reducing alternative to wet-ink signature
Education at USDA: Electronic vs. Digital Signatures
- The Digital Signature project helps Agencies implement digital signatures using the USDA LincPass
- Number 1 obstacle: Agencies don't understand the difference between electronic signatures and digital signatures (and vendors sometimes muddy the waters)
- USDA's LincPass provides a digital signature certificate that can be used for a non-repudiable digital signature
What is Non-Repudiation?
- Non-repudiation: countering a claim that the signature is unauthorized or has no binding force
- Two common claims of repudiation: "Not me" and "Not what I signed"
- A non-repudiable signature offers reasonable assurance that it was the person signing, and that the file/record/transaction is unchanged from when it was signed
What is an Electronic Signature?
- Electronic Signature: a token (sound, symbol, process) logically associated with an electronic record with intent to sign the record
- Example: a travel tracking system with user ID/password access requires a manager to click a button labeled "Digital Signature" to approve travel for her staff. Problems: single-factor; user ID not traceable to anything, e.g., an official HR record or a PIV card
- Authorized by law (e.g., 1998 Digital Signature and Electronic Authentication Law (SEAL), 1999 Uniform Electronic Transactions Act (UETA), 2003 GPEA, etc.)
- Loose and variable standards make electronic signatures increasingly easy to forge or spoof
- Generally requires compensating controls and out-of-band identity validation (e.g., wet-ink signature on a timesheet)
What is a Digital Signature?
- Digital Signature: a sub-category of electronic signatures; includes a cryptographic assurance of the originator's (author's) identity, and an integrity check on the text received
- Uses PKI for cryptographic assurance
- Extremely difficult to forge
- Example: a travel tracking system with user ID/password access makes the manager digitally sign using her LincPass card when approving travel for her staff. Solves the security (repudiation) problems: two-factor authentication; user ID traceable (via the PKI infrastructure) to a known and verified identity in the HSPD-12 system; content not modified
Assurance Levels, eAuthentication, and USDA LincPass
- Identity Assurance Levels (as defined by NIST 800-63): how sure you are of the identity of an individual, and that the person with whom you are interacting is that individual. Digital signatures are not related.
- USDA eAuthentication: a software solution for authentication (is the user known?) and authorization (is the user allowed access?). Digital signatures are not related, and eAuth provides no support for them.
- LincPass (PIV card): a hardware token solution that enables authentication (is the user known?), and has an electronic certificate on the card's chip that can pass along a digital representation of that identity. This is the tool that allows a user with an application (e.g., Outlook, Acrobat) to create digitally signed files.
PKI and Digital Signature

Public Key Infrastructure (PKI): the mechanism for digital signature verification.

[Diagram: Root CA, Alice, Beth]
1. GSA MSO's Certificate Authority (Root CA) issues a Digital Signature certificate on the LincPass card to Alice (identity verified during the LincPass enrollment step). Two-factor authentication is based on something Alice has (her LincPass) and something she knows (her PIN).
2. Alice digitally signs a Word document using her LincPass card (specifically, her digital signature PKI certificate's private key), then sends the document to Beth. The digital signature indicates the document is unchanged since Alice sent it (any change to the file destroys the digital signature; therefore, it is non-repudiable).
3. When Beth opens the document, she sees that the document is digitally signed, and Word shows the certificate is trusted (specifically, Word checks the validity of the signature by checking the GSA MSO Certificate Revocation List [CRL], then does a hash comparison of the document).
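The three-step exchange on this slide (the CA certifies Alice's key, Alice signs, Beth checks trust, revocation and integrity) and the two repudiation claims from the non-repudiation slide, as an added Go example that is not part of the original deck. It uses only Go's standard library and substitutes a constructed self-signed root for the GSA MSO Root CA, an in-memory set of revoked serial numbers for the real CRL, and Ed25519 software keys for the RSA key held on a PIV card chip; the names and the document text are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// SignedDoc stands in for the Word document Alice signs (constructed text, not a USDA record).
const SignedDoc = "Travel request 42 for J. Doe: APPROVED"

// issue has signerKey certify pub under a fresh one-hour certificate; ca=true builds the self-signed root that plays the Root CA (slide step 1). Errors are ignored: demo only.
func issue(serial int64, cn string, ca bool, parent *x509.Certificate, pub any, signerKey ed25519.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: ca, BasicConstraintsValid: ca, KeyUsage: x509.KeyUsageDigitalSignature}
	if ca { // the root certifies itself and is allowed to sign certificates and CRLs
		tmpl.KeyUsage, parent = x509.KeyUsageCertSign|x509.KeyUsageCRLSign, tmpl
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signerKey)
	cert, _ := x509.ParseCertificate(der)
	return cert
}

// verify is Beth's side (slide step 3): issued by the trusted root? on the CRL? document unchanged?
func verify(root, signer *x509.Certificate, crl map[string]bool, doc, sig []byte) string {
	if signer.CheckSignatureFrom(root) != nil {
		return "untrusted certificate" // "Not me": the certificate was not issued by the root Beth trusts
	}
	if crl[signer.SerialNumber.String()] {
		return "certificate revoked" // the CA's CRL lists this serial (e.g. a reported-lost card)
	}
	if !ed25519.Verify(signer.PublicKey.(ed25519.PublicKey), doc, sig) {
		return "document altered" // "Not what I signed": any change to the bytes breaks the signature
	}
	return "" // signature valid and binding
}

// Scenario runs the flow end to end and returns Beth's verdict ("" = valid) for the document she received.
func Scenario(received string, revoke bool) string {
	_, rootKey, _ := ed25519.GenerateKey(rand.Reader)
	root := issue(1, "Constructed Root CA", true, nil, rootKey.Public(), rootKey)
	alicePub, aliceKey, _ := ed25519.GenerateKey(rand.Reader) // on a PIV card this key never leaves the chip
	alice := issue(2, "Alice", false, root, alicePub, rootKey)
	sig := ed25519.Sign(aliceKey, []byte(SignedDoc)) // slide step 2; on the card the PIN unlocks this operation
	return verify(root, alice, map[string]bool{alice.SerialNumber.String(): revoke}, []byte(received), sig)
}
```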
More Information

For more information on USDA's projects that leverage the LincPass, contact:
Owen Unangst, Director, USDA Innovations and Operational Architecture
Owen.Unangst@ftc.usda.gov