nih interfederation activities and status federal pki l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
NIH Interfederation Activities and Status: Federal PKI PowerPoint Presentation
Download Presentation
NIH Interfederation Activities and Status: Federal PKI

Loading in 2 Seconds...

play fullscreen
1 / 12

NIH Interfederation Activities and Status: Federal PKI - PowerPoint PPT Presentation


  • 163 Views
  • Uploaded on

NIH Interfederation Activities and Status: Federal PKI. Peter Alterman, Ph.D. Asst. CIO for E-Authentication, NIH and Chair, Federal PKI Policy Authority. NIH E-Authentication Initiative Goals.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'NIH Interfederation Activities and Status: Federal PKI' - hea


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
nih interfederation activities and status federal pki

NIH Interfederation Activities and Status: Federal PKI

Peter Alterman, Ph.D.

Asst. CIO for E-Authentication, NIH and Chair, Federal PKI Policy Authority

nih e authentication initiative goals
NIH E-Authentication Initiative Goals
  • Researchers use their institutional identity credentials to authenticate to NIH online applications and services
  • Build a reliable, secure, trusted IT infrastructure that supports e-authentication

EDUCAUSE 2007

nih e authentication initiative goals3
NIH E-Authentication Initiative Goals
  • Researchers use their institutional identity credentials to authenticate to NIH online applications and services
  • Build a reliable, secure, trusted IT infrastructure that supports e-authentication

EDUCAUSE 2007

current nih initiatives
Current NIH Initiatives
  • Interfederated with InCommon higher education Identity Management Federation at OMB LOA 1: low/no risk applications put online and consume identity credentials issued by universities that are members of InCommon;
  • Extend interfederation agreement to OMB LOA 2 applications for universities that issue higher-assurance credentials under the InCommon Federation Silver program – for moderate risk applications (ETA 1/08);
  • Direct trust relationship with University of Texas System Public Key Infrastructure

EDUCAUSE 2007

nih pilot loa 1 applications
NIH Pilot LOA 1 Applications
  • NLM Proxy Redirector (initial application )
  • Good Clinical Practice (GCP)
  • Community for Advanced Graduate Training (CAGT)
  • NIH Login/ADFS/MOSS integration (general collaboration)
  • More to follow

EDUCAUSE 2007

nih pilot loa 2 applications
NIH Pilot LOA 2 Applications
  • Electronic Research Administration (eRA)
  • caBIG data (via Grid interoperability?)
  • Firebird (FDA, SAFE, NIAID involvement)
  • More to follow

EDUCAUSE 2007

end state for nih
End State for NIH
  • All NIH outward-facing, online apps risk assessed and credential LOA requirements determined
  • Credential validation infrastructure and/or linkages at production operational level
  • All NIH outward-facing, online apps connected to NIH Login front end with validation service enabling infrastructure (e.g., Shibboleth, etc.)
  • End State achieved… ???

EDUCAUSE 2007

federal pki update
Federal PKI Update

EDUCAUSE 2007

fed pki view from 20 000 km

SAFE

Industry PKIs

Fed PKI: View from 20,000 km

Common Policy CA (HSPD-12)

SSPs

Serving all other

Agencies

CertiPathSSP

(HSPD-12-

comparable)

FBCA

CertiPath

C4

Industry PKIs

eGCA (3)

EDUCAUSE 2007

fed pki view from 20 000 km10

SAFE

Industry PKIs

Fed PKI: View from 20,000 km

DOD DHS

NASA Commerce

USPS USPTO

HHS DOE

IL DOJ

State DOD/ECA

GPO DOD/Interop

Treasury

Wells Fargo

MIT LL

UTexasSx

Commercial “SSP-like”

Common Policy CA (HSPD-12)

Total: 15 – 20M

users

SSPs

VeriSign

Cybertrust

ORC

Treasury

GPO

Exostar

Entrust/Cygnacom

IdenTrusT?

Serving all other

Agencies

FBCA

CertiPath “SSP”

(HSPD-12-

comparable)

State of VA first responders

CertiPath

C4

Industry PKIs

Abbott Labs

AstraZeneca

Bristol-Myers Squibb

Genzyme

GlaxoSmithKline

INC Research

Johnson & Johnson

Merck

Pfizer

Procter & Gamble

Sanofi-Aventis

TAP Pharmaceuticals

Boeing

Raytheon

Lockheed Martin

eGCA (3)

~ 500k users!

EAF member CSPs

TLS certs

EDUCAUSE 2007

interoperability initiatives
Interoperability Initiatives
  • CertiPath – Federal Bridge cross-certification complete
  • SAFE PKI Bridge and services – supporting digitally-signed electronic forms and document management
  • inCommon –assertion-based technology, LOA 1 & 2 – demonstration projects with NSF – interfederation with NIH NOW

EDUCAUSE 2007

resources
Resources
  • altermap@mail.nih.gov
  • http://csrc.nist.gov/pki
  • www.cio.gov/fpkipa
  • www.cio.gov/ficc
  • www.cio.gov/eauthentication
  • www.smartcardalliance.org

EDUCAUSE 2007