E-Authentication Overview - PowerPoint PPT Presentation

Slides: 32
Provided by: JamesB164
Learn more at: http://ifap.ed.gov
Transcript and Presenter's Notes

Title: E-Authentication Overview


1
E-Authentication Overview Technical Approach
Technical Track Session
  • Scott Lowery

2
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Policy Framework
  • Technical Approach
  • Interoperability Lab

3
Policy Infrastructure
1. Establish e-Authentication risk and assurance levels for Governmentwide use (OMB M-04-04 Federal Policy Notice 12/16/03)
2. Establish standard methodology for e-Authentication risk assessment (ERA)
3. Establish technical assurance standards for e-credentials and credential providers (NIST Special Pub 800-63 Authentication Technical Guidance)
4. Establish methodology for evaluating credentials/providers on assurance criteria (Credential Assessment Framework)
5. Establish trust list of trusted credential providers for govt-wide (and private sector) use
6. Establish common business rules for use of trusted 3rd-party credentials

4
OMB 04-04

Assurance Level Impact Profiles

Potential Impact Categories for Authentication Errors       | 1   | 2   | 3   | 4
------------------------------------------------------------|-----|-----|-----|---------
Inconvenience, distress or damage to standing or reputation | Low | Mod | Mod | High
Financial loss or agency liability                          | Low | Mod | Mod | High
Harm to agency programs or public interests                 | N/A | Low | Mod | High
Unauthorized release of sensitive information               | N/A | Low | Mod | High
Personal Safety                                             | N/A | N/A | Low | Mod High
Civil or criminal violations                                | N/A | Low | Mod | High

5
NIST SP 800-63
Assurance Level

Allowed Token Types      | 1 | 2 | 3 | 4
-------------------------|---|---|---|---
Hard crypto token        | ✓ | ✓ | ✓ | ✓
Soft crypto token        | ✓ | ✓ | ✓ |
Zero knowledge password  | ✓ | ✓ | ✓ |
One-time Password Device | ✓ | ✓ | ✓ |
Strong password          | ✓ | ✓ |   |
PIN                      | ✓ | ✓ |   |

6
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Assertion Based Authentication
  • Certificate Based Authentication
  • Interoperability Lab

7
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Assertion Based Authentication
  • Overview
  • Management
  • SAML (Security Assertion Markup Language) as an Adopted Scheme
  • Certificate Based Authentication
  • Interoperability Lab

8
Base Case
9
Starting at the AA
10
Starting at the CS
11
Specialized Portals
12
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Assertion Based Authentication
  • Overview
  • Management
  • SAML as an Adopted Scheme
  • Certificate Based Authentication
  • Interoperability Lab

13
Emerging Technology
14
Scheme Translator
15
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Assertion Based Authentication
  • Overview
  • Management
  • SAML as an Adopted Scheme
  • Certificate Based Authentication
  • Interoperability Lab

16
SAML 1.0 Artifact Profile Base Case
17
SAML 1.0 Artifact Profile Single Sign-On
18
SAML 1.0 Artifact Profile Governance
19
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Assertion Based Authentication
  • Certificate Based Authentication
  • Interoperability Lab

20
Validation Service
21
Local Validation
22
Certificates At Lower Assurance Applications
Scheme Translator
Step 4: The ST uses the validation service to validate the certificate
23
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Interoperability Lab
  • Product Testing
  • Technical Support
  • CS / AA Testing

24
  • COTS (Commercial Off The Shelf) Product Testing
  • Scheme compliance
  • Interoperability

AAs CSs
25
  • Product Testing
  • See List of Approved Vendors

26
  • COTS Product Testing
  • Certificate Validation

27
E-Authentication Architecture Evolution
  • Architecture Working Group
  • Evaluating Evolving Standards
  • Scheme Translators

28
E-Authentication Interoperability Lab
  • Technical Support
  • Interoperability Testing
  • SAML Conformance Testing
  • Acceptance Testing
  • Approved Product List
  • Cookbook / Recipes
  • Extensive Experience in All These Areas

29
E-Authentication Technical Approach
  • Agenda
  • E-Authentication Overview
  • Technical Approach
  • Interoperability Lab

30
Resources
  • http://www.cio.gov/eauthentication
  • interoplab_at_enspier.com
  • Additional Contacts
  • Chris Louden - 703-299-3444 Chris.louden_at_enspier.com
  • Andrew Chiu - 703-299-3444 Andrew.chiu_at_enspier.com
  • Steve Lazerowich - 703-299-3444 Steve.lazerowich_at_enspier.com
  • David Simonetti - 410-356-2260 David.simonetti_at_enspier.com

31
Contact Information
  • I appreciate your feedback and comments.
  • I can be reached at
  • Scott Lowry
  • scott_at_enspier.com
  • 202-236-8221