Interagency Advisory Board (IAB) Meeting February 15, 2006.
Agenda
• First Responder Partnership in National Capital Region (NCR) – Tom Lockwood (DHS) and Regional Partners
• Handheld RFI Update - Frank Jones (DoD)
• FIPS-201 Evaluation Program Progress – Judy Spencer (GSA)
• Physical Access Synergy – Tony Cieri
• Status Training Modules – Andrew Goldsmith (DOI)
• Backend Authentication Scheme Working Group (BASWG) – TBD
• Document Revision Progress – Curt Barker (NIST)
• Cryptographic Migration Plan – Tim Polk (NIST)
• Press Wrap-up
First Responder Partnership Initiative
Planning Approach for Trust & Verification of Identity and Role Across Multi-Jurisdictions
Mr. Tom Lockwood/NCR FRPI
Planning Approach: Trust & Verification of identity & role across multi-jurisdictions
(Detailed Objectives)
[Diagram labels: Federal, State, Local; EPA, HHS, DOJ and DHS Strategic Plans; State Strategic Plan; Local Strategic Plan; Regional NCR Strategic Plan; HSPD, NIMS/NRP, NIPP, Guidance Template; WashCOG REG-ECP (2002), 8 Commitments to Action (2002), UASI Strategy, CAO-SPG Priorities; Model COOP Plan Development (Faron Smith, Ed Hilliard, Christina Higgins, Bill DelGrosso); Private Sector: Profit (Critical Infrastructure, Associations, Chambers) and Not-For-Profit (Community Round Table Organizations); Regional Orgs & Hosted International]
[Regional Emergency Support Functions: #1 Trans, #2 Comm, #3 PW/Engin, #4 Fire, #5 Emerg Mgmt, #6 Mass Care, #7 Res Supp, #8 Health, #9 Urban S&R, #10 Hazmat, #11 Agric, #12 Energy, #13 Public Safety, #14 Recov & Mitig, #15 Ext Affairs]
Incident Management:
To get the right people with the right attributes to the right places at the right times thus reducing response/recovery times and promoting restoration to pre-incident quality of life conditions
“What are we doing?”
Strategic Objectives
1. Establishment of a multi-jurisdictional identity trust model in accordance with existing standards and technology that enables interoperability for dynamic identity and emergency attribute management
2. Categorize all emergency response or critical infrastructure support personnel in accordance with the National Response Plan (NRP) or National Infrastructure Protection Plan (NIPP)
3. Integrate identity and NRP/NIPP category information into existing authoritative human resources databases/directories for use with current technology tool sets that support the electronic proliferation of trusted and secure information for access decisions
4. Standardize NRP/NIPP occupation sub-categories and qualifications in accordance with national and international personnel qualification standards as appropriate
5. Conduct exercises to integrate use with response requirements and applications development for trusted and secure electronic incident management with accountability
Goal: Multi-jurisdictional Identity Interoperability
To demonstrate multi-jurisdictional identity interoperability by electronically binding personalized First Responder Authentication Cards (FRACs) that were issued from different back-end infrastructures to authorized responders in a communication-in or out environment
[Diagram labels: Police, First Responder, DOD, Amtrak, Metro, within Disaster recovery area]
Common Process
1) Applicant - Existing, or new enrollee
2) Sponsor - Practitioner/stakeholder community authoritative official
3) Enrollment Official - PIV data and documents collection/verification
4) Registrar - PIV data and documents validation/confirmation
5) Issuance Official - PKI certificate download and card distribution
6) Validation & Revocation Authority – Sponsor’s authoritative database/directories trigger for OCSP distribution
[Diagram labels: Logical access, Physical access, Preparedness, Identity Management, “HSPD – 12”, “FRAC”]
[Diagram labels: Federal, Regional, County & Local; EPA, HHS, DOJ and DHS Strategic Plans; Virginia, D.C. and Maryland Strategic Plans; County Strategic Plans; PM; NCRC; PC; Private Sector: Profit (Critical Infrastructure, Associations, Chambers) and Not-For-Profit (Community Round Table Organizations); Regional Orgs & Hosted International; FIPS-201; HSPD…; H.R. 418; UASI Funded; NIPP; NRP]
Provide a continual process improvement loop to incorporate best practices across jurisdictions and ensure continued architectural alignment and interoperability.
Partnership Members
Federal
– Lemar Jones, Director, Antiterrorism/Force Protection Directorate, Pentagon Force Protection Agency
– Gordon Woodrow, Regional Director, Region 3 U.S. Department of Health and Human Services
NCR - Robert LeGrande, Deputy Director, Office of the Chief Technology Officer, District of Columbia
Virginia - Mike McAllister, Deputy State Director, Security and Emergency Management, Virginia Department of Transportation
Maryland - Brad Jewitt, Director, Office of the Fleet, Facilities and Administrative Services, Maryland Department of Transportation
Private – John N. Petrie, Assistant Vice President for Public Safety & Emergency Management, The George Washington University
NCR Data Interoperability Communications Architecture
[Map labels: Fairfax County, Montgomery County, Prince George’s County, Washington, D.C., Loudoun County, Prince William County, Bowie, Gaithersburg, Greenbelt, Rockville, Fairfax, Falls Church, Manassas Park, Manassas, College Park, Takoma Park, Arlington, Alexandria]
[Legend: Existing Fiber Connected I-Net Site or Hub; Candidate I-Net Site; Existing I-Net Fiber; Candidate I-Net Fiber; Broadband Wireless Phase 1; Broadband Wireless Phase 2; Broadband Wireless Future Phases]
[Other labels: Public Safety, Health, Transportation, Emergency Preparedness Information; Field Mobile Operations; Data & Applications; Offices; EOCs; Government Centers; Operational Centers; “Tracks”; “Trains”; “Users”; Core Elements, Shared Services, Standards, Governance, Outreach]
Data Exchange Hub Concept of Operations
[Diagram labels: Jurisdiction - 1, Jurisdiction - 2, Jurisdiction - 3, Jurisdiction - N, each with ESF-1 and ESF-2; Data Exchange Hub (Data Exchange, Data Search, Application Access); Credentialing; Admin UI; Architecture Review Board; Federal Information; Federal Sources; Executive Admin; ESF-1..N Users, Federal Users, Public Users, Executive Users]
Goal: Standardized Incident Identity Management
PKI identity smart card will provide the relying party with machine-read information to determine access privileges for granting access into, out of, and within various areas as required
[Diagram labels: Police, First Responder, DOD, Amtrak, Metro, within Disaster Recovery Area]
Multi-Jurisdictional Recognition (mobile identity management)
INFORMATION FEED: FEDERAL, STATE, LOCAL, PRIVATE
PDA INFORMATION FORMAT:
• DATA
• TEXT
• IMAGE
First Responder Validation Authority (Produced and Synchronized Nightly)
Proposed Implementation Timeline
Phase I:
• Regional “as-is” and “to be” analysis: 01/03/06 - 02/28/06
• Limited implementation for interface analysis: 01/03/06 - 02/28/06
• Mobile device and interoperability analysis: 01/03/06 - 02/28/06
Phase II:
• NCR sponsored pilot exercises: 03/15/06 - 03/30/06
• Commence regional implementation: 04/01/06 - 07/30/06
• NCR sponsored exercises: 04/03/06 - 04/27/06
• FEMA sponsored Forward Challenge 06: 06/19/06 - 06/22/06
Phase III:
• Complete implementation: 07/30/06 - 09/30/08
• NCR sponsored exercises: 09/04/06 - 09/30/08
NCR Program Deliverables
Pilot Objectives: Leverage existing technologies to better define long term solutions.
I-Net Project
High level Pilot plans: Light up at least 4 regional fiber connections (Locations TBD)
BB Project
High level Pilot plans: External to District Pilots, but interoperable to DC
• 1x EVDO – RE-A
• WI MAX
• 4.9 GHz
• WI FI
• Flarion
• Mesh
EOC Int Project
High level Pilot plans
• Web EOC to Web EOC Pilot
• Web EOC to/from other CIMS (DC-Montgomery)
• Federal (TBD)
• Web EOC to/from DEH
DEH Project
High level Tech assessments: Tech Assessment of Existing Solutions
• CAPWIN
• CAP STAT
• HSIN
• SHIELD
• Research Other Options
[Schedule labels: May ‘05; Design SOW TBD, depends on completion of requirements work (shown twice); NCR Requirements Efforts; Requirements and design SOW Awarded (shown twice); Req. RFP Due out 9-10; NCR Design Effort]
Interoperability Program summary
Columns: Interoperability Imperatives; Task Description; Project Benefit to the National Capital Region

Offices Operational Centers
Task Description: Connect Emergency Operations Centers (EOCs). Leverage existing off-the-shelf solutions to seamlessly integrate the Emergency Operations Centers. Select a jurisdiction to develop a pilot application and serve as an NCR model. This will facilitate testing and validation of the EOC interoperability solution.
Project Benefit: This integration will allow for increased coordination, faster regional response times, and backup in case of system failure or center outages.

Field Mobile Operations
Task Description: Design and procure the physical pathways (I-Net) necessary for interconnection among regional public network. Engineer and procure an integrated solution for interoperable interconnection. Develop pilot application for incident command and control management and sharing of public safety resources related to E9-1-1, and protocols for interoperating in a regional crisis.
Project Benefit: Specific benefits of private network interconnections (I-Nets) include the ability to interconnect the region’s 9-1-1 Centers, and to create an interoperable regional communications fabric supporting public safety broadband wireless systems.

Field Mobile Operations
Task Description: Design a regional interoperable/interconnected broadband wireless network providing outdoor coverage for the NCR. Collect NCR first responder broadband application security, functional and performance requirements.
Project Benefit: A regional wireless broadband network will significantly enhance first responder communication capabilities, and will provide the infrastructure to enable true voice/data interoperability via voice over IP technology.

Data & Applications
Task Description: Deploy a high performance search capability (neutral host) to allow authorized users access to data housed in individual jurisdictions’ locations. This functionality will be available to any browser-based user whether connected through the Internet (VPN), or through a browser-compatible wireless service. A centralized security model will ensure authorized access. All data will remain under the administrative and technical control of the owner jurisdiction.
Project Benefit: By allowing real-time electronic exchange of data for public safety, emergency preparedness officials at all levels should realize immediate improvements and cost reductions in Homeland Security data communication activities.
FRAC Implementation & Strategic Objectives
Presenter: W. Duane Stafford
Agency: Virginia Department of Transportation
Office: Security & Emergency Management Division
Date: February 15, 2006
Virginia & DHS Partnership
● The Commonwealth of Virginia is currently issuing First Responder Authentication Cards (FRACs) to Federal, State and local governments.
● Virginia is working with DHS to implement FIPS 201 as a part of its FRAC Initiative.
● VDOT’s Security and Emergency Management Division (SEMD) Transportation Protective Security Section (TPS) is currently responsible for:
- FRAC development
- Testing
- Implementation
- Maintenance of the FRAC credentials and policies.
FRAC Credential
VDOT has adopted a standard FRAC for use in:
● Identifying a person’s status within the Agency (Employee or Contractor)
● Gaining physical access
● Site access to identified critical incident areas as an Emergency Responder.
VDOT FRAC Design
FRAC Policy & Procedures
● VDOT has developed a FRAC policy which establishes:
- Procedures regarding the issuance and use of VDOT FRAC.
- Clarification regarding FRAC eligibility
● The policy embraces and supports both HSPD-12 and FIPS PUB 201.
● VDOT has developed a FRAC Usage Policy which establishes expectations for FRAC Holders.
● The policy explains:
- Uses of the FRAC
- Care and display of the FRAC
- Fraudulent use/abuse of the FRAC
- FRAC restrictions.
FRAC Request Form
● VDOT, in conjunction with DHS, has developed a standard “First Responder Authentication Card (FRAC) Request” Form (SEMD 201-05).
● VDOT is currently anticipating converting the SEMD 201-05 paper form to an electronic form.
Note: The FRAC Request Form was derived originally from the Personal Identity Verification (PIV) Request for USDA ID Badge Form
FRAC Marketing & Training
● VDOT has developed a FRAC “Frequently Asked Questions” brochure to hand out to all First Responders who are issued a FRAC through VDOT.
● The brochure explains to the FRAC holder what the FRAC is and how it is different from their regular Access Control and Identification Card.
Post Winter Fox
● Further develop PIV Roles and pre-register individuals.
● Develop, test and implement Logical and Physical Access Control System (Pegasys) enhancements to track FRAC credentials with reports and management.
● Develop and implement a structured way of identifying First Responders requiring FRACs throughout the Commonwealth of Virginia.
FRAC Issues to Resolve
● The cardholder’s digital photo must be accessible prior to PIN input.
● Approved Products/Vendor Lists and Accreditation (GSA).
● NACI requirement solution for State governments.
● Cardholder Naming convention must be clarified.
● Color-Coding for Employee Affiliation must be clarified.
Status Brief: IAB Meeting 2/15/2006
Maryland First Responder Authentication Card
• Port of Baltimore ACS Upgrade
• Partnership with Baltimore Metro First Responders
• Alpha Testing Phase: 2000 FRAC Seats (Mobile Solution)
  – Winter Fox Demonstration 2/23/2006
  – Concept of Operations / Business Rules
• Beta Testing: Brick and Mortar Site
• Penetration:
  – MD National Guard
  – Coast Guard
  – 8 of 23 Counties and Baltimore City (After Alpha Testing)
• NCR / Baltimore
• Future:
  – Strategic implementation plan for State across all ESFs
The George Washington University: Private Sector Credentialing
• Public sector may not be able to sustain needs of private entities such as GW with population of 20,000+ members and over 125 facilities.
• Allows for continuous provision of critical services and access to sensitive facilities or research centers.
• Promotes self sufficiency and less reliance on first responders and public sector thus allowing resources to be utilized elsewhere.
• Provides credibility to private sector responders/incident teams by using universally recognized credentials.
• Eases access for thousands of employees commuting from MD, VA, WV, and PA who are separated by layers of local, state, and federal law enforcement agencies each with control points or perimeters.
Interagency Advisory Board (IAB)
Joint Program Handheld/Mobile Device Status for Government Smart Card
Presented by
Frank Jones
DoD Access Card Office
February 15, 2006
Information and Technology for Better Decision Making
Plan of Action
• Gather Requirements from User Community
• Consider DBIDS Lessons Learned
• Contract for Handheld Expertise Support
• Finalize Consolidated Requirements
• Market Survey of Products Capable of Customization and Modularity
• Release Request for Information (RFI)
• RFI Vendor Responses Received
• RFI Summary Report
[Dates shown on the slide: 12/16/2005, 3/21/2006, 9/30/2005, 8/03/2005, 8/03/2005, 10/26/2005, 10/26/2005, 1/18/2006]
Questions?
Frank Jones
(703) 696-0179
FIPS 201 Evaluation Program
Judith Spencer
Office of Governmentwide Policy
Office of Technology Strategy
15 February 2006
Presentation Agenda
• Card/Reader Interoperability Task
• Lab Development Task
• Call for Industry Support
Card/Reader Interoperability Task
• Update
  – 66% complete
  – FIPS 201 Category List revised
    • 19 remaining categories
    • Categories Mapped to Requirements Traceability Matrix
    • Reader categories by use case
  – Test fixture prototype developed
  – Card/reader requirements nearing completion
• Next major milestone
  – Card/reader interoperability requirement validation
Lab Development Task
• Update
  – 20% complete
  – CONOPS completed
  – Configuration Management Plan completed
  – Approval Procedure Template completed
• Next major milestone
  – Web enabled information source review
Looking for Assistance from Industry
• Evaluation Program Technical Working Group (EPTWG)
  – More technical input from reader & card manufacturers desired
  – Starting Subgroup for reader & card technical representatives
    • Weekly, in person, whiteboard meetings
    • March thru end of April
    • Review/comment/revise reader & card test procedures
    • Engineers preferred
Questions ?
April Giles
Contact information:
Email: [email protected]
Website: http://www.smart.gov/fips201apl
Phone: 1.202.501.1123
RFI Results
• 71 Unique Responses
• ~13 Indicated Turnkey Service Capability
• General consistency in the cost data
  – Some questions concerning what is included
• Conclusion – Industry is prepared to provide the services required by FIPS-201 for Enrollment and Card Management.
Next Steps
• Develop High Level Architectural Concept
• Start tightening up the technical specifications and requirements definitions (including business requirements) for a managed solution
• Recognize differences between the ‘ramp up’ and the ‘normalized’ activities
• Awaiting results from two agency data calls – due Feb 24, 2006.
• Update Performance Metrics based on RFI feedback
Physical Access Synergy
Physical Access Control System (PACS)
[Diagram labels: PAIIWG, SCA, SIA]
Synergy in Federal Requirements & Industry Standards
PACS
Objective
• No conflict or ambiguity in FIPS-201 or related documentation as they apply to PACS
• Ensure that Industry Standards are developed by SIA that are in synergy to Federal Requirements
PACS
M. Butler, IAB Chair
A. Cieri, Coordinator
PAIIWG: M. Sulak, T. Baldridge, S. Howard, K. Kozlowski, L.J. Neve, L. Kull, D. Vanderweele, J. Zok, K. Stewart, R. Martin, B. Gilson
SCA: C. Medich, D. Pfeiffer, R. Vanderhoof, M. Regelski, R. Merkert, E. Widlitz, T. Damalos
SIA: R. Zivney, S. D’Agostino
HSPD-12/FIPS 201 HSPD-12/FIPS 201 TRAINING MODULES TRAINING MODULES
UPDATEUPDATE
![Page 52: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/52.jpg)
IntroductionIntroduction Continuing development of a series of Continuing development of a series of
web-based training modules and web-based training modules and assessment tools to assist assessment tools to assist management, administrators and users management, administrators and users in complying with FIPS 201in complying with FIPS 201
The series will assist in the consistent The series will assist in the consistent implementation of HSPD-12/FIPS 201 implementation of HSPD-12/FIPS 201 across the Federal Governmentacross the Federal Government
![Page 53: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/53.jpg)
Timelines and Modules
• Delivery on 10/03/2005 included:
– Module 1: PIV Overview
– Module 2: PIV Roles and Responsibilities
• Delivery in Spring 2006 includes:
– Module 3: Privacy Awareness
– Module 4: Administrator (technical explanation)
– Module 5: Appropriate Uses
![Page 54: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/54.jpg)
Hosting of Modules
• Working with USALearning to host all five modules
• There may be two versions of each module:
1. Base module: meeting a baseline set of specifications from OPM so every department may access the training
2. Secondary module: will utilize a multi-media approach, including streaming
![Page 55: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/55.jpg)
Modules Format
• Modules include three windows:
– Video streaming, including interviews with government officials
– PowerPoint slides
– Transcript with hyperlinks to important topics for more details
![Page 56: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/56.jpg)
Module 1 and 2
• Module 1-Overview is available on USA Learning (http://www.usalearning.gov/coursecatalog/index.cfm?fuseaction=oltovervie)
• Module 2 is available from your agency HSPD-12 representative (www.vodium.com/goto/blm/hspd12.asp)
![Page 57: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/57.jpg)
Modules 3-5
• In the process of finalizing PowerPoint slides and narration
• Video shoot week of March 6th
– Scheduling Subject Matter Experts to interview on camera
– Preparing for video shoots throughout Washington, DC
![Page 58: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/58.jpg)
Module 3-Privacy Awareness
• Objectives for module:
– Explanation of individual’s privacy and means taken to secure information
– Explanation of information collected and how it is protected
![Page 59: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/59.jpg)
Module 3-Privacy Awareness, cont.
• The training will answer the following questions:
– What technology innovations on the PIV Card itself help protect both my identity and my privacy?
– What information about me is on the PIV Card?
– What information is collected – and why – in order to get a PIV Card?
![Page 60: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/60.jpg)
Module 3-Privacy Awareness, cont.
– How will my information be safeguarded, and what controls are in place?
– Who can I talk to if I have questions or concerns?
![Page 61: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/61.jpg)
Module 4 – Administrator
• Objectives for module:
– Users will understand the components within the technical infrastructure and all of the dependencies at the 1000 foot level (not the 1 foot level)
– Explains what is needed to issue a PIV Credential
![Page 62: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/62.jpg)
Module 4 – Administrator, cont.
• The training will answer the following questions:
– What are all of the components of a credential?
– What personal data is needed and how will the data be saved or deleted?
![Page 63: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/63.jpg)
Module 4 – Administrator, cont.
– How does issuance of the credential work?
– How is data stored on a card?
– How is the credential configured with PKI and biometrics to enable it to be used for physical and logical access?
![Page 64: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/64.jpg)
Module 5 – Uses of the Credential
• Objectives for module:
– Explains migration from flash pass and passwords to electronic verification
– Explains the physical and logical use of the credential across domains (across entire federal enterprise)
– Explains Public Key Enabling
![Page 65: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/65.jpg)
Module 5 – Uses, cont.
• The training will answer the following questions:
– What are the primary credential uses?
  • How will physical and logical access work?
  • What is OMB Memorandum 04-04 and 05-05?
– What are other uses for the credential?
![Page 67: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/67.jpg)
Backend Authentication Work Group (BAS WG)
15 February 2006
![Page 68: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/68.jpg)
Status
• Membership has met several times over the last month as government only
• Expanding membership to include other interested parties (Industry or government):
– Meeting Type: Conference Call
– Date: Tuesday, 28 February
– Time: 2-4pm EST
• All interested parties should provide contact information to [email protected]
![Page 70: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/70.jpg)
HSPD #12 Document Revision Status
National Institute of Standards and Technology
February 15, 2006
![Page 71: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/71.jpg)
Current Activities
• FIPS 201-1 accommodation of OMB Memorandum M-05-24
• Special Publication 800-73 adjustments to accommodate Special Publication 800-76
• Reformatting of Special Publication 800-85 to separate card command conformance testing from data model conformance testing
• Federal Register Notice request for recommendations for revision of FIPS 201-1 and associated guidelines
![Page 72: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/72.jpg)
FIPS 201-1 Accommodation of OMB Memorandum M-05-24
• Provides for interim issuance of credentials based on National Criminal History Check and requires electronic indication of interim issuance on the PIV card.
• FIPS 201-1 signed by the NIST Director and forwarded to DoC for signature.
• Awaiting signature of the Secretary of Commerce.
![Page 73: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/73.jpg)
Special Publication 800-73 Adjustments to Accommodate Special Publication 800-76
• Biometric storage format changes
• Incorporation of previously posted errata
• Elimination of requirement to provide user PIN before permitting access to public PKI certificate information
• Proposed changes posted for public comment (comments before March 2006)
![Page 74: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/74.jpg)
Reformatting of Special Publication 800-85
• Separates card command conformance testing from data model conformance testing
• SP 800-85A to be posted February 16 at http://csrc.nist.gov/piv-program
• SP 800-76 data model conformance requirements being included in SP 800-85B
![Page 75: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/75.jpg)
Revision of FIPS 201-1 and Associated Guidelines
• Federal Register Notice requesting change recommendations being staffed
• Anticipate posting shortly
• Plan workshops to discuss recommended changes
– Need for change
– Impact on standards stability
– Priority and schedule determination
![Page 77: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/77.jpg)
HSPD #12 Cryptographic Migration Plan
Tim Polk
National Institute of Standards and Technology
February 15, 2006
![Page 78: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/78.jpg)
Relevant Specifications
• FIPS 201 does not explicitly specify key sizes or cryptographic algorithms
• FIPS 201 incorporates NIST Special Publication 800-78 and the FPKI Common Policy by reference
– Both specifications stated requirements for algorithms and key sizes
– Requirements for public key algorithms were stated inconsistently
![Page 79: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/79.jpg)
Rationale for Cryptographic Specifications, Part One
• Moore’s Law is not negotiable!
– 80 bit cryptography is mostly dead
• 1024 bit RSA and 160 bit ECC can not be relied upon for cryptographic services to achieve HSPD #12’s goals after 2010
• For authentication keys, 80 bit strength is fine through 2010
• For signatures and confidentiality, need to transition before 2010
![Page 80: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/80.jpg)
Rationale for Cryptographic Specifications, Part Two
• Protect Legacy Implementations
– 80 bit strong RSA (1024 bit keys) is widely used, so it is permitted by the Common Policy and NIST SP 800-78
• Avoid Unnecessary Transitions
– 80 bit strong ECC (160 bit keys) is not widely used, so force ECC implementers to curves with 224+ bits
![Page 81: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/81.jpg)
Common Policy
• Common Policy predates FIPS 201, and has a broader scope
– Version 1 recognized only RSA
  • 1024 bit RSA, SHA-1 acceptable
  • Established migration timelines for 2048 bit RSA and SHA-256 based on certificate issuance date
– ECC added in 3/05 to support FIPS 201
  • 163 bit through 283 bit keys
  • SHA-1 and SHA-224 may be used with 163 and 224 bit keys
  • Migration timelines consistent with RSA
![Page 82: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/82.jpg)
NIST SP 800-78
• Supports FIPS 201 and only 201
– Developed after FIPS 201, published 4/05
• Established migration timelines based on certificate expiration date
– More forgiving, since agencies can issue short lifetime certs after dates in Common Policy
– More consistent with Moore’s Law since it focuses directly on usage period for the key
![Page 83: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/83.jpg)
Summary
• HSPD #12 Cryptographic Migration timeline is as pragmatic as possible, but our options are constrained by Moore’s Law
• The Common Policy and SP 800-78 state migration timelines differently
– Consistency is being pursued by NIST
![Page 84: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/84.jpg)
Questions?
![Page 86: Interagency Advisory Board (IAB) Meeting February 15, 2006.](https://reader036.fdocuments.in/reader036/viewer/2022062413/5a4d1b5d7f8b9ab0599abb3a/html5/thumbnails/86.jpg)
Press Wrap-up