International Collaborative Identity Management (CIDM) Forum

September 13, 2004
Booz Allen Hamilton Building
8283 Greensboro Dr; McLean, VA 22102

This is the second meeting of the ICIDM Forum to provide updates on Government and Industry PKI Initiatives.

| Agenda | Purpose | Registration | Presentations | Directions |

Hosted by Booz|Allen|Hamilton:

Agenda

Agenda in PDF Format

Recent addition to the agenda!

Homeland Security Presidential Directive 12, dated August 27, 2004

President George W. Bush issued HSPD-12, which directs the Secretary of Commerce to promulgate in accordance with applicable law a Federal standard for secure and reliable forms of identification (the "Standard") within six months.

The purpose of the Standard is to enhance security, increase Government efficiency, reduce identity fraud, and protect personal privacy by establishing a mandatory, Government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors (including contractor employees. -More-

9:00     Welcome

9:00     NCES Security Services

9:30     Federal PKI Bridge

10:00   Homeland Security Presidential Directive 12

10:30   Break

11:00   Boeing PKI Initiatives

11:30   International Update

12:00   Lunch

1:00     Aeorspace Industry Bridge

1:30     Pharmaceutical Industry Bridge

2:00     Electronic Authentication Partnership

2:30     CAC and DCIS Update

3:00     CIDM Forum Technology and B2B Working Group Reports

- Back to top -

Purpose

The OASD (NII), the Federal PKI Steering Committee, the United Kingdom Council for e-Business Transatlantic Secure Collaboration Program Task Force and AFEI announces the second meeting of the International CIDM Forum.

Purpose of ICIDM
1. DOD requested AFEI and AIA to invite industry and allied governments to a Forum to clarify the current Federal policy and implementation of identity management (PKI) within and across collaborating organizations - Collaborative Identity Management. The Society of British Aerospace Companies (SBAC), the UK Defence Manufacturers Association (DMA), and NACHA are also participating.

2. Establish a continuing group called the International CIDM Forum. This group will educate, assess and advise on CIDM policy, process and technology issues including strong identity management, data segregation management, PKI/PKE implementation, cross-certification, and commercial CA bridges.

Background
The security and protection of sensitive electronic information is an issue for all, and a growing concern as we depend more and more on our ability to share information in the face of increasingly sophisticated and numerous threats.

In April DoD announced the achievement of a Initial Operating Capability (IOC) for the basic functions of the DoD PKI. The DoD is aware of the impact the use of PKI will have on its external partners. Therefore, the CIDM Forum will help DoD's partners understand the implications of this transition. However, the sensitivity of some data may require immediate use of PKI for access to web sites and immediate compliance for some types of transactions.

This could prevent some defense contractors from working with the department in certain areas until they comply. The DoD policy will eventually require the provision of digital certificates to improve the security of transactions between DoD and its contractors. There are about 350,000 defense contractors, and an estimated 10 percent to 15 percent had obtained certificates as of April.

The Federal Bridge
Identity management is becoming the norm across the government. Some states (e.g. Illinois) will issue citizens certificates for access to services. The Federal PKI Steering Committee (FPKISC) provides Government-wide guidance and coordination of Federal activities necessary to implement a public key infrastructure. The FPKISC coordinates, oversees, monitors, implements, and reports on the development of a public key infrastructure to support secure electronic commerce and electronic messaging as well as other Federal agency programs requiring the use of PKI. The General Services Administration, E-Authentication Program Management Office, has been appointed as the operation authority for Federal PKI Bridge. Cross certification with this bridge is a means to exchange certificates amongst collaborating organizations. Both the UK MOD and GOC are on similar paths.

A Commercial Bridge
The DoD policy mentioned above demands that certain kinds of electronic transactions must be signed with a DOD-approved digital certificate. In response, a community of international governments, industry organizations and companies have agreed that a capability must be created to enable industry electronic trust mechanisms to interact with each other and with many governments (not just DOD) - this is the Commercial Bridge.

Expected Outcome
Establish a standing group under the broad NCOIF Charter to:

• Advise and assess CIDM capability for collaboration between autonomous enterprises, both government and industry
  • Policy, Process and Technology
• Set criteria for third-party providers of identity proofing services to individuals and other enterprises
  • Platform to Launch Commercial Bridge
• Educate on strong identity management, data segregation management, PKI/PKE implementation, cross-certification and commercial CA bridges.

- Back to top -

Registration

The meeting is open to those who have interest in this area AND who wish to contribute time and energy to the potential work of the Forum. Registraiton is $50.00 per person. To register click here.

- Back to top -