E-Authentication Overview & Technical Approach

Presentation Transcript

  1. Technical Track Session E-Authentication Overview & Technical Approach Scott Lowery

  2. E-Authentication – Technical Approach Agenda • E-Authentication Overview • Policy Framework • Technical Approach • Interoperability Lab

  3. Policy Infrastructure: 1. Establish e-Authentication risk and assurance levels for Governmentwide use (OMB M-04-04 Federal Policy Notice 12/16/03) 2. Establish standard methodology for e-Authentication risk assessment (ERA) 3. Establish technical assurance standards for e-credentials and credential providers (NIST Special Pub 800-63 Authentication Technical Guidance) 4. Establish methodology for evaluating credentials/providers on assurance criteria (Credential Assessment Framework) 5. Establish trust list of trusted credential providers for govt-wide (and private sector) use 6. Establish common business rules for use of trusted 3rd-party credentials

  4. OMB 04-04

  5. NIST SP 800-63

  6. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Assertion Based Authentication • Certificate Based Authentication • Interoperability Lab

  7. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Assertion Based Authentication • Overview • Management • SAML (Security Assertion Markup Language) as an Adopted Scheme • Certificate Based Authentication • Interoperability Lab

  8. AAs CSs Base Case

  9. Starting at the AA

  10. Step #3: After selecting their AA, the user is redirected back to the CS as usual CSP ID Starting at the CS

  11. Step #2: The user is redirected to the portal with the CS and AA IDs Step #3: The user is cookied and redirected to the CS Specialized Portals

  12. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Assertion Based Authentication • Overview • Management • SAML as an Adopted Scheme • Certificate Based Authentication • Interoperability Lab

  13. Evaluate new Scheme against requirements Assess COTS Interoperability Start Scheme Adoption Lifecycle Migrate, Translate, or Both. Pilot Adopt Emerging Technology

  14. Scheme Translator

  15. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Assertion Based Authentication • Overview • Management • SAML as an Adopted Scheme • Certificate Based Authentication • Interoperability Lab

  16. SAML 1.0 Artifact Profile Base Case

  17. SAML 1.0 Artifact Profile Single Sign-On

  18. SAML 1.0 Artifact Profile Governance

  19. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Assertion Based Authentication • Certificate Based Authentication • Interoperability Lab

  20. Step #1: User goes to Portal to select the AA and the CS Validation Service

  21. Step #1: User goes to Portal to select the AA and the CS Local Validation

  22. Certificates At Lower Assurance Applications Scheme Translator Step #4: The ST uses the validation service to validate the certificate

  23. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Interoperability Lab • Product Testing • Technical Support • CS / AA Testing

  24. AAs CSs • COTS (Commercial Off The Shelf) Product Testing • Scheme compliance • Interoperability

  25. Evaluate new Scheme against requirements Assess COTS Interoperability Start Scheme Adoption Lifecycle Migrate, Translate, or Both. Pilot Adopt • Product Testing • See List of Approved Vendors

  26. COTS Product Testing • Certificate Validation

  27. E-Authentication Architecture Evolution • Architecture Working Group • Evaluating Evolving Standards • Scheme Translators

  28. E-Authentication Interoperability Lab • Technical Support • Interoperability Testing • SAML Conformance Testing • Acceptance Testing • Approved Product List • Cookbook / Recipes • Extensive Experience in All These Areas

  29. E-Authentication – Technical Approach • Agenda • E-Authentication Overview • Technical Approach • Interoperability Lab

  30. Resources • http://www.cio.gov/eauthentication interoplab@enspier.com • Additional Contacts Chris Louden - 703-299-3444 Chris.louden@enspier.com Andrew Chiu - 703-299-3444 Andrew.chiu@enspier.com Steve Lazerowich - 703-299-3444 Steve.lazerowich@enspier.com David Simonetti - 410-356-2260 David.simonetti@enspier.com

  31. Contact Information I appreciate your feedback and comments. I can be reached at: Scott Lowry scott@enspier.com 202-236-8221