Authentication Session I
From AFCEAWiki
Session I: Secure Sharing of Identity Data
JOIN THE ONGOING SOLUTIONS DIALOGUE ON THE GOOGLE GROUP SITE
Abstract
How do we ensure integrity and reliability of identity data in our virtual enterprise data repository?
Moderator
- Mr. Al Mink, Principal Systems Engineer, SRA
Panel
- Mr. Mike Butler, Director, GSA MSO
- Mr. Tim Fong, Deputy Director Identity Assurance and PKI, OSD NII
- Ms. Sarbari Gupta, CEO, Electrosoft Services
- Mr. Paul Grant, Special Assistant to DoD CIO
Threads
GENERAL QUESTIONS:
- What is the case for a virtual identity data repository for the enterprise?
- What are the challenges in establishing, maintaining, updating and revoking identity data for authoritative sources?
- What enterprise service attributes have been identified?
- Do we have complete anonymity of identity data, or how much is or should be let out?
KEY ISSUES/TOPICS (By Speaker)
1. Mr. Mike Butler
a. Most federal agencies lag DoD in terms of necessary IDM/IDA infrastructure
b. Culturally, each agency is different, with different approaches and needs
c. Despite the challenges in civil agencies, some are already finding benefits
2. Ms. Sarbari Gupta
a. The key factors in sharing are: currency, availability, and revocation
b. Some federal agencies are doing well today, such as: NASA, FAA & DoL
c. For commercial and international organizations, the TSSP shows promise
d. It’s all about Trust. What is trust? How is it defined and fulfilled?
3. CAPT John Boyd
a. Biometrics plays a key part in being able to trust the authentication
b. The federated approach to trust and sharing is the best approach
c. The key for such sharing and interoperability is “standards”
4. Mr. Russ Reopell
a. DoD is deploying an enterprise IDM service: JEDS
b. Cross-cutting working groups are making progress, such as the DoD-IC working group and the DoD IDM Working Group led by Tim Fong
c. CAC remains important. But it’s interesting how civil agencies have been quicker to adopt it for physical access than DoD has.
5. Mr. Tim Fong
a. IdM and Services-oriented architecture approach: IdM Services discoverable across the Enterprise
b. The lifecycle of identity information needs to be kept current. This remains a challenge for an authoritative source.
c. Protecting personal information -
