80 likes | 94 Views
Meet Dr. Peter Alterman, Chair of the Federal PKI Policy Authority & Identity Federation. Learn about developing standards, services, and levels of assurance for identity authentication in government applications. Explore a simplified view of federation architecture.
E N D
Meet FedFed Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority
Identity Federation • An organization of entities who: • Issue, manage and revoke credentials according to published policies and procedures that conform to policies and procedures of the federation • Are authoritative and responsible for the validity of those credentials • Trust the credentials of other members of the federation at an agreed-upon level of assurance • May also include entities who maintain online applications or services that consume federation credentials. Internet2 9/05
Conscious Omissions • No discussion of federation structure or governance • No discussion of technologies • No discussion of target audiences Internet2 9/05
Mission of E-Authentication • Develop a standard architecture for identity assurance services for government online applications and services • Provide identity authorization services for government online applications and services • Implement a standard policy for identity management • Serve as executive for Federal Identity Management Federation Internet2 9/05
Assurance Levels 3 & 4 Services (PKI) • - Credential Assessment • Framework • - Business Rules • Interoperability Lab E-AuthenticationSimplified Concept of Operations E-Auth Executive Assurance Levels 1 & 2 Services • - Federal PKI Policy • Authority • Federal Bridge CA Agency Applications and Credential Providers Internet2 9/05
A Simplified View of E-AuthFederation Architecture -Banks -Universities -Agency Apps -Etc. Levels 1 & 2 Online Apps & Services Levels 1 & 2 CSPs SAML Assertions Business Rules CAF SDT Levels 3 & 4 Online Apps & Services Digital Certificates Levels 3 & 4 CSPs Digital Certificates FBCA X-Certification Federal Agency PKIs Other Gov PKIs Commercial PKIs Bridges Internet2 9/05
Proposed FedFed InterfederationInteroperability Model inCommon FedFed Policies & Procedures Policies & Procedures Members Members Affiliated Applications Affiliated Applications Internet2 9/05
Discussion altermap@mail.nih.gov www.cio.gov/eauthentication Internet2 9/05