Welcome and introduction
1 / 9

Welcome and Introduction - PowerPoint PPT Presentation

  • Uploaded on

Welcome and Introduction. James Dyche Systems Manager 5 Technology Park Harrisburg, PA 17110. Achieving security interoperability through common federated identity and privilege management across disparate agencies and agency systems . How it Works. How it Works – User Perspective. 1. 4.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Welcome and Introduction' - dezso

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Welcome and introduction
Welcome and Introduction

  • James Dyche

  • Systems Manager

  • 5 Technology Park

  • Harrisburg, PA 17110

  • Achieving security interoperability through common federated identity and privilege management across disparate agencies and agency systems

How it works user perspective

How it Works

How it Works – User Perspective




  • JNET user tries to link to RISS.

  • RISS asks user to identify their home agency.

  • JNET (the home agency) prompts the user for authentication credentials.

  • RISS accepts the authentication and privileges presented by JNET.


Jnet users participating
JNET Users Participating

  • ~130 participating JNET users, include:

    • County - Adult Probation

      • Adult Probation Supervisors

      • Probation Officers

    • State - Adult Probation

    • Local – Law Enforcement

      • Chiefs of Police

      • Detectives

      • Lieutenants

      • Police Officers

      • Sergeants

    • D.A. Office Staff Members

    • Domestic Relations Enforcement Officers

    • Emergency Management Chiefs

    • TAC Officers

Pa jnet content
PA JNET Content

  • JNET services available to GFIPM users:

    • PA Probation "Fail to Report" Photos and Cases

    • PA Child Support Warrant Search/Results

    • PA Amber Alert

    • Lessons Learned

    • White pages of PA Justice Staff (Proxy Issue)

    • PA State Prisoner Locator (Proxy Problems)

    • Courts Warrants

    • Secured Court Docket Sheets

  • Potential Next 90 days:

    • PA Driver's License Photo Database

    • PA Dept of Corrections Intake/Exit Photos











Pennsylvania s status
Pennsylvania’s Status

  • GFIPM Status in PA

    • Infrastructure Installed and Operational

      • Identity Provider

      • Service Provider Content Available

    • JNET Steering Committee Presentation

      • Agencies still processing approvals for content

    • Commonwealth IPAM Presentation

    • Development for Demonstration

    • Tested out our sites

    • Testing to make sure users only get to content they are supposed to (This week)

    • Demonstration (Nov. 1)

    • Security Penetration Testing (Nov. 7-Nov. 8)

Value to pennsylvania
Value to Pennsylvania

  • Value Consist of Tangible and Intangible

    • JNET pilot-users access to CISA, RISS with their JNET credentials.

    • Showcasing JNET content to CISA, RISS, future partners

    • Proof of Identity provider/Service provider architecture.

    • Eliminate duplication of registration for JNET and home agency registrars and scores of registrations for each federation user.

    • Absolute authentication of current user status and privileges for federation users.

    • Access to JNET GFIPM Site via the Internet w/ FIPS 140-2 and NCIC blessings.

    • Proof that VPNs, intranets, and private networks are unnecessary for FIPS-140-2 and CJIS security.

    • VPN Cost Savings – TLS provides a cost effective, conformant encryption solution

Key success factors
Key Success Factors

  • Federation Users

    • Simplifies User Sign-On (Single Sign-on Goal)

    • Significantly Reduces End-User Deployment time

    • No additional end user software to access federated data (browser Based)

    • Eliminates the hassle of site registration

  • Federation Providers

    • Are in control of users that access their data.

    • Are still in control of their user base (registration and vetting)

    • Control access what data they will share

    • Have minimal cost impact to make content available

    • Have moderate cost impact to for provider to configure rules based upon identity attributes

    • Federation Providers decide user assertionsand rules necessary to access their data from across the nation.

    • Security Solution must respect providers autonomy

Recommended next steps
Recommended Next Steps

  • Need GAC’s Continued Support of this Project

    • Need to continue refining NIEM User Assertion Security package.

    • Need to keep adding content to the pilots

    • Consider adding more federations partners focused on expanding the pilot efforts

    • Continue learning from technical challenges – especially in Identity Mapping and Account Linkage

    • Need to Understand how Commercial Vendors support Federation using GFIPM’s meta-data base upon SAML