The Need for Trusted Credentials - PowerPoint PPT Presentation

Slides: 17
Provided by: JudithA73
1
The Need for Trusted Credentials
  • Information Assurance in Cyberspace

Mary Mitchell, Deputy Associate Administrator, Office of Electronic Government Technology
www.cio.gov/eauthentication
www.cio.gov/fpkisc
2
A Few Assertions
  • The Internet is perceived as being inherently
    anonymous
  • In order to conduct trusted transactions, we need
    to know with whom we are dealing
  • Transactions must be within reasonable risk
    limits
  • Trusted electronic credentials provide the means
    to link an asserted identity in the electronic
    world to physical entities

3
Facets of Building Trust
Thanks to Karl Best, Director of Technical
Operations, OASIS
4
The Challenge of Trust Online
  • Unrealistic expectations
  • Immediacy but with safety, personal autonomy and
    control
  • Personalization without surveillance
  • Security and privacy without inconvenience, loss
    of immediacy
  • Privacy Concerns are Real
  • Issuing credentials raises privacy concerns,
    strong identity proofing increases these concerns
  • Reasonable use extended beyond initial use over
    time
  • Basic conflict with convenience: the key to
    security is less data and more control

5
Preconditions for Credential Trustworthiness
  • Unique to the person using it
  • Under the sole control of the person using it
  • Capable of verification
  • Credential Pedigree
  • Institutional Standing of the Provider
  • Governance
  • Establishment of Identity
  • Credential Control

6
Challenges of Identity Management
  • Most identity management systems were built one
    application at a time
  • No scalable, holistic means of managing identity,
    credentials, policy across boundaries
  • Fragmented identity infrastructure, inconsistent
    policy frameworks, process discontinuities
  • Potential security loopholes, expensive to manage
  • Few Agency enterprise approaches exist
  • Infrastructure requirements extend reach and
    range
  • Increase scalability, lower costs
  • Balance of centralized and distributed management
  • Infrastructure must be more general-purpose and
    re-usable

7
E-Authentication
  • In Addition to Policy, Three Focus Areas
  • Agency Application Risk Analysis
  • Modified proven process for E-Authentication
    Needs (eRA)
  • Focused on Identity Assurance at the Transaction
    Level
  • Authentication Gateway
  • Provide validation services for multiple forms of
    ID credentials
  • Prototype gateway used to gain technical
    understanding of products
  • Agency business processes to broker identity
    assurance model
  • Establish common interfaces for doing electronic
    transactions
  • Establish Process to Evaluate Electronic
    Credential Providers

8
Determining Authentication Needs
  • Standardize process to assess the security risk
  • Three primary risks
  • Improper disclosure
  • Program fraud
  • Image/reputation of Agency
  • Determine transaction risk
  • Recommend appropriate authentication for a
    given transaction
  • Examine transaction flow and vulnerabilities
  • Estimate cost and identify alternatives

9
Conducting eRA
Basis SEI
  • An interdisciplinary team -- comprised of
  • business or mission-related staff
  • information technology staff
  • eRA self-directed tool available to
  • guide team through process
  • produce consistent risk report with reduced
    effort
  • Provides basis for selecting Assurance Level

10
Future of the Gateway
[Diagram labels: Credential Providers; Identity Verification Not Required; Identity Verification Required; Credential Validation Process; eAuthentication Gateway; Federal Agency Relying Parties]
11
The GATEWAY Concept
[Diagram labels: Credential Providers (ECP 1, ECP 2, ECP 3, DCP 1, DCP 2); GATEWAY (Technology Mapping); Agency Applications (Ap1, Ap2, Ap3, Ap4, Ap5)]
12
Federal Authentication Infrastructures
  • Existing Infrastructures for trusted transactions
  • E-Authentication Gateway provides a mechanism to
    evaluate ANY type of electronic Credential
  • Federal Bridge links together Public Key
    Infrastructure (PKI) based Trust domains
  • ACES provides an outsourced common infrastructure
    and PKI credentials for Trust domain with the
    public
  • NFC provides a managed infrastructure and PKI
    credentials for Trust domain for Agency
    operations
  • Common Access Card provides for common, secure
    platform for maintaining credentials
  • Each has benefits for overall trust relationship

13
The Problem with PKI
  • Concerns about complexity and cost
  • Suitable when strong authentication needed
  • Multiple Public Key Infrastructures operated by
    Agencies
  • Operational PKIs have incorporated differing
  • Technical Solutions
  • Policy Decisions
  • Federal Government also needs a mechanism for
    reliance on internal and external Trust Domains.
  • Interoperability is the CHALLENGE!
  • Both Policy and Technical Interoperability

14
Federal Bridge Certification Authority
  • Enables certification between organizations so
    agencies trust each other's public key
    credentials. The Federal Bridge
  • Acts as a trust anchor
  • Enables digital credentials issued by one agency
    to be used/trusted at other agencies that have
    been cross-certified.
  • Benefits of the Federal Bridge
  • Use of certificate policies and standards-based
    technologies and processes provides flexibility
  • Allows all organizations to make one security
    agreement with the Bridge CA, rather than requiring
    multiple security agreements
  • Allows trust interoperability between
    organizations and minimizes impact on the
    organizations' infrastructures and end-user
    applications

15
Federal Bridge Certification Authority
  • Path Construction
  • Kathy → Pink
  • Pink → FBCA
  • FBCA → Green
  • Green → Mike
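
The path construction listed on this slide, as an added example that is not part of the original presentation. It assumes Kathy is the relying party with the Pink CA as her trust anchor and that Mike holds a certificate issued by the Green CA; the Blue CA and Nora are hypothetical additions, and only issuer/subject chaining is modelled, not signature, revocation or policy checks.

```python
from collections import deque

# Constructed sample data: each tuple is one certificate (issuer, subject).
# Pink, Green, FBCA, Kathy and Mike come from the slide; Blue and Nora are
# hypothetical and show a CA that has not cross-certified with the bridge.
CERTS = [
    ("Pink", "FBCA"), ("FBCA", "Pink"),    # Pink CA <-> bridge cross-certificates
    ("Green", "FBCA"), ("FBCA", "Green"),  # Green CA <-> bridge cross-certificates
    ("Pink", "Kathy"),                     # end-entity certificates
    ("Green", "Mike"),
    ("Blue", "Nora"),
]


def build_path(trust_anchor, target, certs=CERTS, max_certs=4):
    """Breadth-first search from the relying party's trust anchor to target.

    Returns the chain of names from anchor to target, or None when no chain
    of at most max_certs certificates exists. This is path construction only:
    a real validator must still verify every signature, validity period,
    revocation status and certificate policy along the chain.
    """
    issued = {}
    for issuer, subject in certs:
        issued.setdefault(issuer, []).append(subject)

    queue = deque([[trust_anchor]])
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        if len(path) - 1 >= max_certs:      # chain already uses the allowed certs
            continue
        for subject in issued.get(path[-1], []):
            if subject not in path:         # cross-certificates create loops
                queue.append(path + [subject])
    return None


if __name__ == "__main__":
    print(build_path("Pink", "Mike"))   # Kathy's anchor to Mike, via the bridge
    print(build_path("Pink", "Nora"))   # Blue CA is not cross-certified
```
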

16
Thank You For Your Time and Attention