From: FederalNewsRadio.com 1500 AM
By Jason Miller
The Homeland Security Department wants to build networks of trust with state, local and federal government partners, as well as with international and private sector organizations. The goal is to make information sharing easier and more secure.
One of the only ways to do that is through federated identity management. So DHS is putting the pieces in place to ease the burden of managing so many different identities.
Across the government, the homeland security agencies are a few steps ahead of most others when it comes to implementing identity management interoperability standards.
The Justice Department, for example, sponsors identity management standards that let all levels of government exchange law enforcement data.
“There’s a Global Federated Identity and Privilege Management (GFIPM) standard, which allows us to exchange information from state, local, tribal, international and private sector with the federal government. It carries a set of standardized attributes, so that I know when some comes with a Security Assertion Markup Language (SAML) assertion with GFIPM attributes that there is some fidelity if they come through an identity provider that has been approved by National Strategy for Trusted Identities in Cyberspace (NSTIC),” said Donna Roy, the executive director of DHS’ Information Sharing Environment Office and the program director for DHS’ Homeland Security Information Network and the National Information Exchange Model. “When they say they are a sworn law enforcement officer, I can trust that. I can put them into the appropriate parts of our systems that can see law enforcement data.”
She said the next step is for companies and governments to adopt and use those standards, especially in software.
Rules-based access control
Leave a Reply