Government Presents Federal Policy

Federal Policy, Technology Standards for Shaping Secure Identity and Access

The impact of updates to policy and specifications for the expanded use of standards-based technologies on securing identity and access in government was a leading theme throughout the two-day event.

  • By Randy Vanderhoof
  • Jun 13, 2018

More than 300 government policy leaders, security experts and technology providers gathered at the Secure Technology Alliance’s Securing Federal Identity 2018 conference in Washington, D.C., last week to discuss the latest developments and innovations in federal identity credentialing and access security.

As the nation’s premier event for government-led cybersecurity policy and digital identity technology, more than half of registrations were federal executives looking to learn about identity management roadmap changes, progress for cloud and mobility initiatives, and updates from OMB, GSA, DHS and NIST on policy and standards initiatives.

An Insider’s Look

The impact of updates to policy and specifications for the expanded use of standards-based technologies on securing identity and access in government was a leading theme throughout the two-day event.

Keynote speaker Suzette Kent, federal CIO of OMB, kicked off the event by highlighting some of the challenges that need to be addressed through advances in policy and technology, including gaps in the use of multi-factor authentication, the division between logical and physical access, and the need for cross-agency interoperability.

More government policy and technology updates followed Kent’s remarks from two federal program leaders – Jim Sheire, director of FICAM at GSA and Anil John, cyber security R&D program manager at DHS. Both provided valuable insights into progress the government is making in aligning identity policy and security standards with changing requirements for mobile authentication and modernizing identity management services.

Jordan Burris, senior cybersecurity advisor for the Executive Office of the President, shared an inside look at how and why the draft federal Identity Policy document OMB M-18-XX was developed, stating that industry feedback deemed the previously-published policies too restrictive, and confined innovation. Burris said this feedback helped to direct the latest update, with the goal to consolidate and update existing requirements and promote innovation by improving ICAM governance, modernizing ICAM capabilities and improving adoption of shared services.

Hildegard Ferraiolo, computer scientist at NIST, gave an update on derived mobile credentials detailed in NIST publication SP-800-157 and an early look into the updates being made to SP 800-116, “A Recommendation for the Use of PIV Credentials in PACS,” being released this summer. She highlighted that the aim of the revision is to align with HSPD-12 to ensure electronic authentication for PACS is reliable, fast, secure and interoperable across agencies.

Alternatives for Authentication

In a panel focused on multifactor authentication choices, three authentication experts outlined innovative alternatives and current initiatives for multi-factor authentication for federal agencies:

  • Paul Grassi, partner and SVP of cybersecurity and identity management at Easy Dynamic Corporation, pointed to FIDO authentication as a standards-based option that is being widely implemented across a variety of industries and platforms that provides high-assurance strong authentication. Grassi highlighted that FIDO authentication can be used in government to provide stronger, more usable and more affordable authentication than passwords and OTPs
  • Joel Minton, executive director of Login.gov, detailed how the Login.gov initiative is mandating strong authentication to make managing federal benefits, services and applications across multiple government agencies easier and more secure. Today, more than 20 agencies are offering services through Login.gov
  • Col. Tom Clancy, who serves as IDAM and PKI lead in the Office of the Secretary of Defense, looked at different authentication options, such as PKI, FIDO Security Keys and on-device credentials, and discussed the need for finding a way to simplify implementation of these options

Expanding the Use of PIV to Mobile Devices

In a discussion on federal identity programs and standards, speakers gave updates on use cases where progress is being made in expanding the use of PIV credentials to mobile devices.

David Coley, senior solution architect for Intercede, showed how mobile derived credentials based on PIV have become increasingly standardized across a wider range of mobile devices and mobile management services.

Ben Andreas, director of sales for XTec Inc., shared the latest developments in the rollout of derived credentials in DHS, more than 60,000 credentials have been issued. He also shared lessons learned surrounding testing, policy and the need for collaboration with people across a variety of roles within DHS to make the implementation successful.

Brandon Iske, Purebred lead at DISA, shared an update on their Purebred initiative, which aims to augment the CAC card by moving credentials to mobile devices. Today, they have enabled credentials across approximately 35,000 devices on the iOS, Android, Microsoft and Blackberry mobile operating systems and are continuing to see growth.

Securing Federal Identity – a Forum for Education and Action

An educational panel led by the Secure Technology Alliance Access Control Council featured government and industry experts discussing lessons learned from their involvement in deployments of PIV-enabled PACS. Panelists shared their expertise in implementing PACS for government from the Alliance’s recent six-part webinar series on the topic, “How to Plan, Procure and Deploy a PIV-Enabled Physical Access Control System.” Panelists included Tony Damalas, vice president of SigNet Technologies Convergint Federal Solutions; Michael Kelley, electronic security system technical specialist at Parsons; Stafford Mahfouz, manager of the government and DoD vertical at TYCO; and William Windsor, deputy director Enterprise Integration and Compliance Office at DHS.

In providing educational sessions on technologies and policies, the Securing Federal Identity event also saw strong participation from the audience, making it a forum for federal government and technology executives to openly discuss current challenges, identify possible solutions, and answer questions about procurement of technology, alignment with policy, use of standards and developments in for government identity management initiatives.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West

  • Live From ISC West 2024: Post-Show Recap

    ISC West 2024 is complete. And from start to finish, the entire conference was a huge success with almost 30,000 people in attendance. Read Now

    • Industry Events
    • ISC West

  • ISC West 2024 is a Rousing Success

    The 2024 ISC West security tradeshow marked a pivotal moment in the industry, showcasing cutting-edge technology and innovative solutions to address evolving security challenges. Exhibitors left the event with a profound sense of satisfaction, as they witnessed a high level of engagement from attendees and forged valuable connections with potential clients and partners. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance. 3