SOLUTIONS Series: Identity Assurance Program

Track 1: Authentication
Authentication is any process by which you verify that someone is who they claim they are. The wide variety of authentication schemes makes it difficult to share identity data across systems, reliably authenticate devices and once authenticated in any system, determine what access the user is permitted. Solving these issues across multiple security, technology and geographic domains is key to effective identity management.

Thursday 1000-1200, Secure Sharing of Identity Data
How do we ensure integrity and reliability of identity data in our virtual enterprise data repository?
  • What is the case for a virtual identity data repository for the enterprise?
  • What are the challenges in establishing, maintaining, updating and revoking identity data for authoritative sources?
  • What enterprise service attributes have been identified?
  • Do we have complete anonymity of identity data or how much do or should be let out?


Moderator: Mr. Al Mink, Principal Systems Engineer, SRA | PRES | BIO
Panelist: Mr. Mike Butler, Director, Identity Management, GSA | PRES | BIO
Panelist: Mr. Tim Fong, Dep Dir, ID Assurance & PKI, OASD (NII) | PRES
Panelist: Ms. Sarbari Gupta, CEO, Electrosoft Services | PRES | BIO

Thursday 1500-1700, Device Authentication and Authorization
Trusted computing from untrusted devices: putting trust in our IT infrastructure in a world where machine to machine interaction occurs.
  • What type of provisioning of the IT enterprise infrastructure (e.g., Identify, enroll)?
  • What is the impact on the infrastructure (e.g., load on the network, how performance is affected)?
  • How do we establish and control access control lists and privileges for devices and services?
  • What is our vetting process and how do we build trust in the IT infrastructure?


Moderator: Mr. Al Mink, Principal Systems Engineer, SRA | PRES | BIO
Panelist: Mr. Curtis Levinson, CSO, Qwest Government Services | PRES | BIO
Panelist: Mr. Jerry lwanski, CTO & SVP Product Strategy, Route 1 | PRES | BIO
Panelist: Mr. Joe Mettle, Sr Tech Director, DoD PKI Prog Mgmt Office | PRES | BIO
Panelist: Mr. Brent Williams, CTO, Anakam | PRES | BIO

Friday 1000-1200, Decoupling Authentication and Authorization in the Enterprise
Where does Authentication service end and Privilege management service begin?
  • What is the design of the policy enforcement engine for establishing access rules based on attributes?
  • What is the design of the policy decision engine for granting access after analyzing the policy enforcement engine (PEE)output?
  • What is the difference between single sign on and authentication in a Federated environment?


Moderator: Mr. Al Mink, Principal Systems Engineer, SRA | PRES | BIO
Panelist: Ms. Samantha Crowell, Army NETCOM | PRES
Panelist: Mr. Gordon Hannah, Managing Director, BearingPoint | PRES | BIO
Panelist: Ms. Trish Janssen, Div Chief, Dep PM DoD PKI PMO, DISA | PRES
Panelist: Ms. Rebecca Nielsen, Senior Associate, Booz Allen Hamilton | PRES | BIO

Track 2: Protection
Protecting data and access to data through the use of Biometrics. Discussing the strategic vision of the future of biometrics and identity management: How are Biometrics contributing to Protection?

Thursday 1000-1200, Biometrics and Identity Policy
Policy provides the rights and framework that protect biometric data from exploitation, and ensures the integrity and interoperability of captured data. Policy enables biometrics to be used to protect the identities of friendly forces. Basic Question to answer: What are the components that affect the government position on policy?
  • What is the most needed policy piece now?
  • What is the biggest stumbling block for coalition biometric policy?
  • How does the U.S. government protect rights of foreigners who need access to coalition facilities?
  • Is policy leading technology or vice versa?
  • What is the intent and overlap of the two major identity programs?


Moderator: Mr. Bob Melissinos, Director, Ezenia | PRES | BIO
Panelist: Mr. Albert Miller, OSD-Policy | PRES | BIO
Panelist: Mr. John Sylvester, Office of the Secretary of the Navy | PRES | BIO
Panelist: Dr. James Wayman, San Jose State University | PRES | BIO
Panelist: Mr. Brent Williams, CTO, Anakam | PRES | BIO

Thursday 1500-1700, Improving Technologies
Faster development and acquisition of biometrics technologies is required to provide identity protection against current and foreseen adversaries Basic Question to answer: How can government work with industry to get new technology to the user faster, cheaper?
  • What is industry’s biggest issue in building biometric solutions for the government?
  • What is the government’s biggest issue with how industry produces biometric devices?
  • Much current technology is developed by small businesses. How does small business get that technology to the government in real time?
  • How can biometric multimodal systems stay current but not fail due to short product cycles?
  • What information is industry lacking to build good cheap biometric solutions?
  • The United Kingdom is already testing facial technology and UK companies are testing solutions in the U.S. Is the Federal government paying attention to technology from our coalition partners?


Moderator: Mr. Bob Melissinos, Director, Ezenia | PRES | BIO
Panelist: Dr. Larry Hornak, Professor, WVU | PRES | BIO
Panelist: COL, USA Ted Jennings, Project Manager, DoD Biometrics | PRES | BIO
Panelist: Mr. Raj Nanavati, Partner, International Biometric Group (IBG) | PRES | BIO
Panelist: Mr. Allan Zimmerman, Partner, IDTP | PRES | BIO

Friday 1000-1200, Denying the Adversary's Ability to Mask Identity
Reducing the enemy's ability to use multiple identities is key both on the battlefield and in protecting America's borders. Basic Question to answer: How to deny the adversary the ability to penetrate biometric identity circle?
  • What is the greatest technical challenge with the current portable tactical systems for collecting biometrics and identifying on the spot against a database held in the portable device?
  • Does industry really understand the operating environment for biometric products (physical, cultural, social)
  • What is lacking in order to have seamless exchange of fingerprint data between DOD, DOJ, DHS, DOS?
  • Is the “SO WHAT” factor being answered fast enough? What is the reaction and action required when a biometric match is found?


Moderator: Mr. Bob Melissinos, Director, Ezenia | PRES | BIO
Panelist: Mr. Jeff Dunn, Co-Chair, Biometric Consortium | PRES | BIO
Panelist: Mr. Walter Hamilton, International Biometric Industry Assoc. | PRES | BIO
Panelist: Mr. James Jasinski, Cogent | PRES | BIO
Panelist: Mr. Dave Lohman, Director, Biometrics Task Force | PRES | BIO
Panelist: Mr. Jerome Pender, Deputy Assistant Director - CJIS, FBI | PRES | BIO
Panelist: Ms. Lynn Schnurr, SES DCS G-2 | PRES | BIO

Track 3: Federation
The Federal government is not in the business of providing credentials to everyone with whom it does business, but it does need to trust those same people. To enable physical or logical access control, the ability to verify the identity of someone through a trusted identity management provider is essential. Federation is a powerful tool that may be used to meet this need, but there are still many questions that must be answered. In this track, the technical and cultural challenges of accomplishing Federation will be discussed by the experts, both inside and outside of Government. They will provide ideas and case studies that explain how to maximize the use of Federation and how to embrace and use the tools available today.

Thursday 1000-1200, Overcoming the Risks of Federation
Those who must use and share identities established by other organizations perceive risk resulting from not personally checking source documents or electronic data that verifies the identity. A host of related risks involving technology, malevolent intent, and honest mistakes also impede movement toward federation. Technology is essential to binding trust and identity, but making federation work is not just a matter of technology, policy or process. If recipients of transactions can’t trust that the person on the other end is who he purports to be, it doesn’t matter whether or not it is possible to communicate with him or process the transaction.
  • If a problem with a person’s identity is discovered, what is my liability for your mistake?
  • How are these errors discovered and corrected?
  • What is the proper response when breaks in the chain of trust are found?
  • Is the proper response different inside and outside of Government?
  • How do organizations assure trust over time?
  • Configuration Management is essential to enabling continued operations as technology improves and undergoes updates. Whose standards do we use to manage change?


Moderator: CAPT, USN (Ret.) Joe Grace, Consultant, Grace & Associates | PRES | BIO
Panelist: CAPT Bill Carney, N6 ADCOS, COMNAVRESFORCOM | PRES
Panelist: Dr. Alan Harbitter, Nortel | PRES
Panelist: Mr. Jeff Nigriny, CEO, Certipath | PRES

Thursday 1500-1700, How much trust is enough?
Federation has to work in the real world. That means one size does not fit all. For federation to be successful, it must be able to meet a variety of needs in both the physical and logical worlds, while still being cost effective.
  • Does Federation have to rely on PKI?
  • Can we communicate between levels of trust?
  • Mutual Authentication – You trust me, but can I trust you?
  • How do organizations resolve differences in trust models?
  • Is trust scalable?
  • What are the costs of maintaining high levels of assurance?


Moderator: CAPT, USN (Ret.) Joe Grace, Consultant, Grace & Associates | PRES | BIO
Panelist: Mr. Dave Chesebrough, President, AFEI | PRES | BIO
Panelist: Mr. Tom Connell, VP Government Solutions, Vuance LTD | PRES | BIO
Panelist: Dr. Mike Mestrovich, Unlimited New Dimensions, LLC | PRES | BIO
Panelist: Mr. Frank Moss, Identity Matters, LLC | PRES

Friday 1000-1200, How does Federation facilitate information sharing?
The tools of federation are only as useful as what you are able to accomplish with them. Without the ability to access, control, or share information, federation is of limited use. Identity Management is essential to the success of government information sharing initiatives and federation could be a powerful tool to extend the ability to both allow access and provide better protection for the information we collect and use.
  • How do federation infrastructures map into the information sharing environment?
  • Is federation the focus or the enabler?
  • How does federation facilitate protection of (Spell out?) (CUI) data?
  • How does federation support information sharing across the public/private interface?
  • What are the issues standing in the way of making federation a reality?
  • What are the solutions that address the issues?


Moderator: CAPT, USN (Ret.) Joe Grace, Consultant, Grace & Associates | PRES | BIO
Panelist: Mr. Mike Butler, Director, Identity Management, GSA | PRES | BIO
Panelist: Mr. Paul Grant, Special Assistant for ID Mgmt, DoD CIO | PRES | BIO
Panelist: Ms. Hilary Ward, Citibank | PRES
Panelist: Mr. James Zok, Director, Identity Management, CSC | PRES | BIO

Track 4: Next Gen Identity
The future of Identity and Identity Management. How important is the protection of Identity to the next Generation? In a world fused with texting, My Space, and Facebook, what sociological changes are we facing when there is a fine line between reality and a second identity? How will this perspective on identity implicate government efforts in securing information? What is the future of IdM Technologies? How effective are current efforts at protecting the future of individual identities and access privileges? How important is identity protection to our future national security with the advent of potential Cyber threat? The tracks within the Next Generation Identity Track Sessions will provide thought provoking insight into these questions by promoting a dialogue around these potential conflicting issues - their effect on our society and National defense, both from a personal, sociological and national perspective.

Thursday 1000-1200, Future IdM Technologies
This panel is focused on the new and innovative technological approaches to securing identity. Subjects such as biometrics, IRIS, and vehicles to sustain data pertinent to identity vetting, such as the CAC, will be discussed from a future perspective. What new technologies are being investigated, developed, and tested? This panel will share prospective developments and technological direction.
  • What biometrics are conceivable in the near term that the public will accept as not intrusionary?
  • How do you protect privacy when biometrics are the basis for identification?
  • Privacy policy impact on technology?


Moderator: Mr. Curt Barker, Division Chief, Computer Security, NIST | PRES | BIO
Panelist: Mr. Tom Lockwood, Sen Advisor for Credentialing Interop., DHS | PRES
Panelist: Dr. Ross Micheals, Information Access Division, NIST | PRES | BIO
Panelist: Mr. Neville Pattinson, Vice President, Gemalto | PRES | BIO

Thursday 1500-1700, Securing Identity in Future Infrastructures
The infrastructures of the future will need to support not only enormous databases and repositories for information, but will also need to support an increased need for access. Since security requirements will only continue to increase, infrastructures will need to be designed in a way that individual information is appropriately stored and identity stringently secured, while still providing for appropriate access. What designs are being developed to support these future needs? How will this affect the size and capability of current infrastructures, and impact future direction?
  • As networks and identity management systems evolve, what will it take to protect the IT infrastructure while implementing new and more extensive applications of identity management?
  • How does this impact current privacy legislation?
  • What are the individual privacy protection and data access needs to be addressed by legislators?


Moderator: Mr. Curt Barker, Division Chief, Computer Security, NIST | PRES | BIO
Panelist: Mr. Tanuj Gulati, Senior Identity Strategist, Sun Microsystems | PRES | BIO
Panelist: Mr. Sam Hartmann, CEO, Painless Security | PRES | BIO
Panelist: Dr. Stephen Kent, Chief Scientist, BBN Technologies | PRES | BIO

Friday 1000-1200, The Now Generation - What does Identity mean?
Generation Y has a different perspective on identity than what is considered mainstream. People who now spend their time texting, have multiple identities on Facebook, MySpace ®, and Friendster ®, what does identity mean to them? Are they concerned about privacy, their identities being compromised, or the propensity for malicious infringement of personal rights? What is the extent of profiling and is that successful? How will profiling evolve in the future, and is that effective in protecting privacy?
  • What kind of identity does Generation Y use on online profile genre sites? How important is it?
  • How is it verified and protected?
  • What are the threats that this type of communication precipitates?


Moderator: Mr. Curt Barker, Division Chief, Computer Security, NIST | PRES | BIO
Panelist: Mr. Dave Johnson, Director, ID Analytics, Inc. | PRES | BIO
Panelist: Mr. Tim Jurgensen, Identity Alliance | PRES | BIO
Panelist: Mr. Chris Williams, Section Leader, MITRE | PRES | BIO
Panelist: Mr. Jim Young, Evangelist, Google | PRES