What does it take to Federate?
Chris Louden
Chris.Louden@enspier.com

Agenda
• What does it take to build a federation?
• Common, Common, Common…

Common Business Processes
• Business goals should drive everything
• Understand the drivers before you begin
• Everything that follows should be tailored to the underlying business goals of the federation

Common Policy Infrastructure
• Federations inherently require some level of trust between members
• Common Policies define trust boundaries
• Identity, security, reliability, access rights, etc.
• Trust requires common understanding of what is expected of members

Common Technical Specifications
• Technical interoperability improbable and expensive without detailed specifications
• Recommend Use Case driven specifications
• Business Drivers → Business Use Cases
• Business Use Cases → Interface Specifications
• Shared Technical Infrastructure?
• Federation Portal, CA, etc.
• Specs serve Business Drivers & Policies

Common Agreement Infrastructure
• Legal Relationship among Federation members must be well defined
• MOU, Contract, etc.
• Parties to the agreement
• Pair-wise? Member-member
• Centralized? Member-Federation
• Agreements include requirement to comply with other common elements
• Makes the common elements binding

Common Governance Infrastructure
• Change Management
• Business Environment, Goals, Drivers
• Specifications, Policies, Agreements
• Membership
• Communication & Collaboration
• Common working groups
• Specify how decisions are made

Federations are like Networks
• Remember Metcalfe’s Law:
• “the value of a network is proportional to the square of the number of users of the system” (Wikipedia.org)
• Each new member increases the value of the network for every member.
• Membership & Usage drive ROI

Federal E-Authentication Trust Model
1. Establish e-Authentication risk and assurance levels for Governmentwide use (OMB M-04-04 Federal Policy Notice 12/16/03)
2. Establish standard methodology for e-Authentication risk assessment (ERA)
3. Establish technical assurance standards for e-credentials and credential providers (NIST Special Pub 800-63 Authentication Technical Guidance)
4. Establish methodology for evaluating credentials/providers on assurance criteria (Credential Assessment Framework)
5. Establish trust list of trusted credential providers for govt-wide (and private sector) use
6. Establish common business rules for use of trusted 3rd-party credentials