Identity Management (IdM) is a broad administrative area that deals with identifying and managing individuals within a government, state, local, public, or private sector network or enterprise. In addition, authentication and authorization to access resources such as facilities or sensitive data within that system are managed by associating user rights, entitlements, and privileges with the established identity. The question, “How do I know you are who you say you are and by what authority are you allowed access?” is, in part, a description of what IdM activities are trying to resolve. The mission of the IdM research projects is to develop, test, and evaluate interoperable tools, technologies, standards, and protocols for the purpose of controlling user access within and outside of organizational boundaries. The foundational goal is to increase security and productivity while decreasing cost and security risks.
Privacy enhancing technology (PET) is the set of technologies and associated business processes that help organizations responsibly manage personal information in a manner that protects individual privacy consistent with applicable law, policy, and mission. PETs are critical enablers of information sharing as they foster confidence that personal information is being used appropriately while minimizing privacy risk. The DHS Science & Technology Directorate (S&T) is supporting the application of privacy technology to Homeland Security Enterprise missions by exploring, refining and integrating technologies and techniques, and piloting the results. S&T is currently identifying and prioritizing specific DHS privacy technology needs. S&T is also collaborating with state and local Fusion Centers to enhance information sharing mission needs that protect personally identifiable information.
Key areas and principles of the Identity Management and Data Privacy research projects:
The IdM projects evaluate new and existing IdM systems and techniques to support identity-proofing, access control, authorization, and secure information sharing. This will be achieved through the development of standards, proof-of-concept demonstrations, as well as case studies, best practices, and lessons learned.
- Interoperability – Providing interoperability across diverse systems and organizations while taking into account the social, political, and organizational politics and requirements, which ultimately impact the technologies and processes.
- Open Standards – Developing standards-based interfaces and protocols for the vendor community to develop products that provide customers with capabilities that are vendor agnostic.
All projects are based on the requirements and capability gaps of the S&T “customer” (the Homeland Security Enterprise), including federal, state, local, public and private sectors. Coordinating development activities and encouraging working relationships between the customers and development communities is core to increasing the sustainable use of trusted credentials for identity and access management. Cross-industry events, designed to serve as platforms for collaboration, are already underway.
- State and Local – S&T sponsors the PIV-I/FRAC Technology Transition Working Group (TTWG), where federal, state, and local partners share activities, lessons learned, and success stories for a standard, interoperable, and trusted credential.
- Financial Services Sector – The S&T-sponsored Financial Institution – Verifying Identity Credential Service includes all the major financial institutions working to reduce the risk of identity fraud.
- Federal – The S&T IdM participates in, and provides R&D support to, the Federal Identity, Credential, and Access Management (FICAM) subcommittee under the Federal Chief Information Officers Council.
- Internal DHS components – S&T convened the Privacy Working Group, composed of privacy stakeholders including, but not limited to, various DHS agency components such as ICE, US-CIS, CBP, US-VISIT, and TSA, regarding their operational-level view of privacy gaps in DHS. The Privacy Working Group meets annually to gather requirements to address common capability gaps.
S&T is committed to investing in advanced R&D activities that support IdM objectives and support innovation for better solutions. This is achieved in part by enabling broad adoption and participation by public and private sectors as well as collaboration across communities of interest.
- IdM Testbed – S&T established an IdM testbed to evaluate various identity and access control architectures and technologies for the homeland security community, including federal, state, local, public, and private sectors.
IdM Research Projects and Transitions
- Backend Attribute Exchange (BAE) for Secure Information Sharing
- Case Study Report
- Standard-based Attribute Exchange to a Mobile Device for Incident Scene Access Provisioning
- Financial Institution – Verifying Identity Credential Service
- PACS/LACS interoperability
Data Privacy Technologies Research Projects and Transitions
- Data Anonymization
Identity Management Projects News and Updates
Digital ID Magazine Cover Story: The S&T IdM-sponsored PIV-I/FRAC TTWG made the cover story of the December 2011 issue of Digital ID magazine. Check out: Making the Case for First Responder IDs on page 26.
Interested in learning more or getting involved?
Please contact the S&T Identity Management or Data Privacy Technologies projects at firstname.lastname@example.org