International Collaborative Identity Management (CIDM) Forum
September 13, 2004
Booz Allen Hamilton Building
8283 Greensboro Dr; McLean, VA 22102
This is the second meeting of the ICIDM Forum to provide
updates on Government and Industry PKI Initiatives.
| Agenda | Purpose
| Registration | Presentations
Hosted by Booz|Allen|Hamilton:
in PDF Format
Recent addition to the agenda!
Homeland Security Presidential Directive 12, dated August 27, 2004
President George W. Bush issued HSPD-12, which directs the Secretary
of Commerce to promulgate in accordance with applicable law a Federal
standard for secure and reliable forms of identification (the "Standard")
within six months.
The purpose of the Standard is to enhance security, increase Government
efficiency, reduce identity fraud, and protect personal privacy
by establishing a mandatory, Government-wide standard for secure
and reliable forms of identification issued by the Federal Government
to its employees and contractors (including contractor employees.
9:00 NCES Security Services
9:30 Federal PKI Bridge
10:00 Homeland Security Presidential Directive
11:00 Boeing PKI Initiatives
11:30 International Update
1:00 Aeorspace Industry Bridge
1:30 Pharmaceutical Industry Bridge
2:00 Electronic Authentication Partnership
2:30 CAC and DCIS Update
3:00 CIDM Forum Technology and B2B
Working Group Reports
- Back to top -
The OASD (NII), the Federal PKI Steering Committee, the United
Kingdom Council for e-Business Transatlantic Secure Collaboration
Program Task Force and AFEI announces the second meeting of the
International CIDM Forum.
Purpose of ICIDM
1. DOD requested AFEI and AIA to invite industry and allied governments to a Forum to clarify the current Federal policy and implementation of identity management (PKI) within and across collaborating organizations - Collaborative Identity Management. The Society of British Aerospace Companies (SBAC), the UK Defence Manufacturers Association (DMA), and NACHA are also participating.
2. Establish a continuing group called the International CIDM Forum. This group will educate, assess and advise on CIDM policy, process and technology issues including strong identity management, data segregation management, PKI/PKE implementation, cross-certification, and commercial CA bridges.
The security and protection of sensitive electronic information is an issue for all, and a growing concern as we depend more and more on our ability to share information in the face of increasingly sophisticated and numerous threats.
In April DoD announced the achievement of a Initial Operating Capability (IOC) for the basic functions of the DoD PKI. The DoD is aware of the impact the use of PKI will have on its external partners. Therefore, the CIDM Forum will help DoD's partners understand the implications of this transition. However, the sensitivity of some data may require immediate use of PKI for access to web sites and immediate compliance for some types of transactions.
This could prevent some defense contractors from working with the department in certain areas until they comply. The DoD policy will eventually require the provision of digital certificates to improve the security of transactions between DoD and its contractors. There are about 350,000 defense contractors, and an estimated 10 percent to 15 percent had obtained certificates as of April.
The Federal Bridge
Identity management is becoming the norm across the government. Some states (e.g. Illinois) will issue citizens certificates for access to services. The Federal PKI Steering Committee (FPKISC) provides Government-wide guidance and coordination of Federal activities necessary to implement a public key infrastructure. The FPKISC coordinates, oversees, monitors, implements, and reports on the development of a public key infrastructure to support secure electronic commerce and electronic messaging as well as other Federal agency programs requiring the use of PKI. The General Services Administration, E-Authentication Program Management Office, has been appointed as the operation authority for Federal PKI Bridge. Cross certification with this bridge is a means to exchange certificates amongst collaborating organizations. Both the UK MOD and GOC are on similar paths.
A Commercial Bridge
The DoD policy mentioned above demands that certain kinds of electronic transactions must be signed with a DOD-approved digital certificate. In response, a community of international governments, industry organizations and companies have agreed that a capability must be created to enable industry electronic trust mechanisms to interact with each other and with many governments (not just DOD) - this is the Commercial Bridge.
Establish a standing group under the broad NCOIF Charter to:
- Advise and assess CIDM capability for collaboration between autonomous enterprises, both government and industry
- Policy, Process and Technology
- Set criteria for third-party providers of identity proofing services to individuals and other enterprises
- Platform to Launch Commercial Bridge
- Educate on strong identity management, data segregation management, PKI/PKE implementation, cross-certification and commercial CA bridges.
- Back to top -
The meeting is open to those who have interest in this area AND
who wish to contribute time and energy to the potential work of
the Forum. Registraiton is $50.00 per person. To register click
- Back to top -
for directions to the Forum.