The Federation for Identity and Cross-Credentialing Systems (FiXs) -- a little-known group of non-profits, government contractors, commercial entities, and government agencies -- has recently unveiled a first-of-its-kind global infrastructure to support distributed, integrated identity management and cross-credentialing across organizations. The implementation combines several existing security technologies along with a set of trusted models, policies, and operating rules to ensure the accurate identity of personnel accessing physical sites or logical systems.
Already in a pilot mode at a handful of government agencies and defense contractors, the FiXs identity management initiative does not have a hard date for broad deployment, although the impediments do not appear to be technical. "The cultural gap with the public in general is still too wide," said Dr. Mike Mestrovich, President of FiXs. "I think there would have to be a public consensus to move us in that direction and I don't see that happening until at least 2009 or beyond."
Founded in 2004 and based in Virginia, FiXs counts among its members the Department of Defense (DoD), Wells Fargo, Lockheed Martin, EDS, and several others. Modeled after secure electronic payment systems and initially implemented by the DoD's Defense Manpower Data Center (DMDC), the FiXs initiative meets the objectives set forth in the October 2006 Homeland Security Presidential Directive (HSPD-12).
"Until now, cross-bordering policies between government and industry had not been established," said Mary Dixon, director at the DMDC. The FiXs implementation does not assign roles, grant or deny access, or otherwise act as a gatekeeper. Rather, the mission of FiXs is simply to authenticate the identity of participants within its member organizations. Once verified by FiXs, individual site managers and systems administrators assign or designate access controls based on the role of the individual and the policies of a given organization.
FiXs' capabilities allow it to cross between both public and private sector organizations using a federated trust model. The implementation is available worldwide in local or remote settings via both wireless and wired environments. Access is available in real time. An individual's specific identity data remains within their vetted source organization.
"By its very nature, the federated solution aids in privacy because there is no central database and individual data can be stored in only one vetted place," Dr. Mestrovich said. Yet the distributed design and cross-organizational model found in the FiXs implementation does offer the possibility of a future national or international identity management system that might cross borders and organizational boundaries. "The federated approach can actually take the place of a mandated National ID system," Dr. Mestrovich stated.
Still, the head of FiXs does not see a national or international identity management implementation as a near-term reality for a couple of reasons. First, no schedule has been defined to implement such a system on the federal, state, or local level, let alone among the broader private sector. "We are speaking to a couple of States about using FiXs, but no timetable has been set," Dr. Mestrovich said.
More to the point, even though the federated identity management approach could power a national or international system, policy and implementation agreements would be needed among federal, state, and local government agencies as well as corporate governance boards, civil libertarians, foreign governments, and the population at large.
The initial DMDC pilot leverages the trust model, operating rules, policies, and security defined by FiXs, and it can be considered a reference implementation. Several technologies underpin this early federated identity management and cross-credentialing deployment. Among these is the Common Access Card (CAC), which contains individual information housed in a barcode and within an integrated circuit chip. The card is used to secure both physical sites and systems access.
In this implementation, CAC is combined with the Defense Biometric Identity System (DBIDS) to accurately identify personnel -- whether full-time employees (FTEs) or contractors. Beyond CAC and the DBIDS, FiXs also includes cross-reference capabilities that include photographs as well as textual and fingerprint data. Industry-standard encryption is used to secure the identity management process.
The FiXs organization currently has just under thirty member organizations, but the group is open to additional members. With this early implementation, group members can help to shape identity management policies and technologies as FiXs begins to be leveraged by a broader number of public entities and private sector firms.