Developing a Federal Vision for Identity Management
DESCRIPTION
Presentation to the President’s National Security Telecommunications Advisory Committee (NSTAC), Task Force on Identity Management
TRANSCRIPT
Biometrics.gov
Developing a Federal Vision for Identity Management
Duane Blackburn
Office of Science and Technology Policy
Executive Office of the President
January 16, 2009
Building an IdM System
Enrollment
Application
DNA
Biometric
Name
Date of Birth
SSN
Birth Certificate
Driver’s License
Passport
Address
Phone Number
IP Address
Password
Height
Weight
Eye Color
Sex
Mother’s Maiden Name
High School Mascot
Favorites
Shoe Size
PIV Card
[Figure: the identity attributes from the “Building an IdM System” slide (DNA through PIV Card), shown with many repeated “Enrollment” and “Application” labels]
Building an IdM System
Enrollment
Application
DNA
Biometric
Name
Date of Birth
SSN
Birth Certificate
Driver’s License
Passport
Address
Phone Number
IP Address
Password
Height
Weight
Eye Color
Sex
Mother’s Maiden Name
High School Mascot
Favorites
Shoe Size
PIV Card
Identity Concentricity
Root
Core
Federal IdM Coordination Timeline
EOP Meetings (2007)
NSTC Task Force (2008)
STPI
Report Release (Sep 2008)
Briefings (2008)
Coordinated Action?
Inauguration
Report Approval
Task Force Composition
►Six month effort (January 1 – July 2, 2008)
►Co-chairs
►Duane Blackburn (OSTP)
►Judy Spencer (GSA)
►Jim Dray (NIST)
►Working groups
►Drafting team
►Data Collection and Analysis
►Digital Identity
►Grid
►Privacy and Legal
►Participating agencies included DHS, DOD, DOS, DOJ, HHS, SSA, FTC, DOC, GSA, EOP, NSF, ODNI, NASA, FAA, VA, OMB
Task Force Charge
►Provide an assessment of the current state of IdM in the US Government;
►Develop a vision for how IdM should operate in the future;
►Develop first-step recommendations on how to advance towards this vision.
CIO Council Data Call
►First-order understanding of the IdM landscape
►Final Report Appendix G
►18 responses covering 191 agencies/bureaus, 3400 individual systems
►The most common forms of information being collected for IdM are login alias, PIN/password, legal name, date of birth and social security number
►Few systems (~15%) or programs collect or use biometric-related data (e.g., fingerprints, iris or facial imaging) or use security questions or tokens
Key Findings of the NSTC IdM TF Report
► IdM is comprised of three elements: ID applications; Global telecommunications grid; Digital ID repositories of all kinds
► Within these, the latter two comprise the “IT Utility”
► Two gross processes of Screening and Access Controls coexist within the USG.
► Public messaging and social acceptance have sometimes been seen as sidebar issues in the USG’s approach to IdM, with resultant negative consequences.
► PII may be segregated between application-specific data held inside applications, and that used to establish authentication of basic digital IDs.
► USG missions include extensive engagement with other jurisdictions of government, international partners, and the public. This underlines not only the criticality of treatment of PII, but also the need for federal processes to be attuned to commercial and emergent international IdM approaches, standards and systems.
Current Landscape
Future State Vision
Objective IdM Architectural Model
‘Network of Networks’
Digital ID Data Federation
ID-specific “Privileges” (Applications of ID in specific context), with data unique to each
Application/user Interface
Identity Management “Utility”
Enterprise IT System
IdM Refocus
CHARACTERISTIC: TODAY Future
Focus: Data sets Applications
Challenges: Standards; Scalability; Social acceptance Business models
Controlling Equity: Federal IT community Balanced equities (End users; Application sponsors/managers; Digital ID managers; Global grid/IT managers)
Cultural Character: Service-provider push User-demand pull
“Appearance”: German watchmaker’s shop Utility (elex pwr analogy)
Key recommendations
► 12 prioritized R&D recommendations
► Rationale: Tech base supporting IdM decomposed, with investments (hopefully) leading to process improvements proposed in each major area
► Complete the basic as-built research, in full detail
► Applications, processes, etc
► Conduct gap analysis, and from that, detailed strategy
► Architectural framework…
► Singular, comprehensive, interoperable
► Standards-based
► Privacy-centric
► Security-conscious
► Advance the Global Grid agenda
► Next-generation network(s)
► Engage internationally
► Governance
TF Report Available online
►www.ostp.gov/nstc
►www.biometrics.gov
►www.idmanagement.gov
You are not alone…
► President’s Identity Theft Task Force
► NSTC, IdM Task Force
► CIO Council, Information Security and IdM Committee
► Information Sharing Environment, IdAM Framework
► National Security Telecommunications Advisory Committee, IdM Task Force
► HSPD 6, 11, 12
► NSPD-59
► Cybersecurity Initiative
► Organisation for Economic Co-operation and Development (OECD)
► International Telecommunication Union - Telecommunication Standardization Sector (ITU-T)
► International Organization for Standardization (ISO)
► Naval Post Graduate School, IdM degree program
► Many others…
Duane’s Key Take-Home Points
►Identity and appropriateness of IdM varies amongst individuals
►Numerous IdM activities in the USG
►Which represent a fraction of IdM activities in the US/World
►Activities in one impact others
►If we continue to build our systems as if it was to be the only system in existence, we are building our system to fail
►If we continue to build our system-of-systems as if our sector was the only one with identity issues, we are building our system-of-systems to fail
►How are we going to move forward?