Privacy, Security, and Identity Management Update
Peter Alterman, Ph.D.
Deputy Associate Administrator for Technology Strategy
General Services Administration

The more things change, the more they stay the same
• Carrying On: U.S. Federal Government restated its commitment to OMB M 04-04, et seq.
  • Four Assurance Levels
  • Linking risk levels to trust levels
  • Relying on NIST SP 800-63 for technology implementation guidance
• Existing Policies
  • Privacy Act
  • FISMA
  • Section 508 (accessibility)
  • Federal Procurement Regulations

And yet, all existence is change
• Consolidation of all USG Information Security and Identity Management initiatives under the Information Security and Identity Management Committee (iSIMC) of the Federal CIO Council
• E-Authentication policy and oversight, Federal PKI and HSPD-12 credentialing consolidated into a single program under the Identity Credentialing and Access Management (ICAM) Subcommittee
• Other subcommittees addressing various Infosec issues, including national security issues (say no more… some things never change)

What does this all mean?
• IdM architecture refresh – all levels and all technologies
• Credential assessment framework refresh with Liberty Alliance Identity Assurance Expert Group for AL 1 & 2 and non-PKI AL 3
• Revitalized interfederation initiatives
• FISMA – ISO harmonization for security management
• Expansion of available online Federal applications
• HSPD-12 “compatible” policy for private sector CSPs serving First Responders (FRAC), Transportation Workers (TWIC), Airport Workers (ACIS) and general interoperability with high assurance Federal sector

Private Sector Uptake
• Liberty Alliance Identity Assurance Framework
• HSPD-12-interoperable high assurance credentials from trusted third parties: VeriSign and Verizon Business Services

Of Particular Interest to Researchers
• NIH now accepts identity credentials from InCommon university members for access to a variety of online apps; electronic grants (eRA) slated for link-up in calendar 2009
• NSF building linkages to accept identity credentials from InCommon university members for access to FastLane
• Academic researchers under contract to Federal Agencies may be subject to the requirements of HSPD-12, that is, the requirement for a background check and use of a high assurance identity credential

For Further Information
• Peter.alterman@gsa.gov
• www.estrategy.gov