Government Technology - December 2007 - (Page RH2)

ADVERTISING SUPPLEMENT THE FUTURE IS OPEN AND AUTHENTICATED As part of a programmatic approach to information security, common and comprehensive Identity and Access Management (IAM) is a vital infrastructure in doing the mission-critical work of government — military or civilian. The key attributes of this approach to mitigating and managing security risk include: • Policy: Risk management is accomplished by defining who is allowed to access systems and under what circumstances, and comparing that information with who actually is allowed to access systems as well as the data they may access. • Standards: Open standards-based identity (ID) management solutions support the application programming interfaces (APIs) of existing applications, eliminating or reducing the need for modifications. Open standards are publicly available specifications, developed and maintained by a review process in which all interested parties may participate, which can then be implemented by anyone. This process promotes large-scale interoperability by allowing vendors and customers alike to build systems that interact together based on a set of commonly accepted practices. • Trust: Government agencies need the ability to share information with other agencies seamlessly but securely. If states lack an accepted standard, agencies will be unable to collaborate when authentication is necessary because authentication systems will not be interoperable. Identity management that delivers federated identity capabilities facilitates close collaboration between discrete organizations within • • government. At the same time, it provides a secure way to authenticate identities for access and manage multiple levels of access to highly sensitive information. Optimization: ID management helps organizations solidify their existing information security practices, thus enabling new business functionality, improving access to information through regular enforcement of security policies, and creating stronger and more consistent authentication and managed access to sensitive information. Consistency: A common ID management program holds the potential for reducing operational costs and development time while all applications, both old and new, share the benefits of prepared and guarded front and back doors. A BETTER WAY Safeguarding personally-identifiably information and important public assets demands a future that is “both/and” not “either/or,” such that: • Authentication will increasingly require something you have and something you know; • Solutions will take best ideas of the commercial software industry and the open source software community; and, • Government service delivery will ride on an inherently heterogeneous platform environment characterized by a little of everything, all of which will need to work together. In all, it will require a common, comprehensive and collaborative strategy and infrastructure to manage identity and access. Case Study: August Schell and the DoD Identity Management Solution The U.S. Department of Defense (DoD) is the world’s largest employer, with more than 4.3 million uniformed service personnel and civilian contractors working at more than 40,000 locations in countries around the world. When the DoD decided to modernize its identity management system, they directed the Defense Manpower Data Center (DMDC) to design a Common Access Card (CAC) that could be used by all military and civilian personnel employed by the Department of Defense, worldwide. Among the main challenges was to consolidate the multiple identiﬁcation and access cards that DoD employees carried into a single card. Some functions — such as cryptographic keys for e-mail encryption — would be common to all cards, but the card would also need to be extensible so that individual services could tailor its capabilities to ﬁt their own needs. Managing credentials that control everything from physical building entry to secure computing system access was a massive undertaking. Professional services ﬁrm August Schell supported the DoD ID management system, a complete public key infrastructure (PKI) certiﬁcate system, from pilot through full-scale implementation. The design of the ID management system helped the DoD deploy enterprise-wide solutions that are ﬂexible and secure. The solutions are based upon recognized and approved open standards, easing the development of custom DoD applications to integrate with the system, and also improving interoperability with other vendor products in use within DoD. The ﬂexibility of the ID management system allows the DoD to deploy secure solutions in a relatively quick and efﬁcient manner to meet stringent and pressing national security requirements. The DoD ID management solutions facilitated the deployment of a ﬂexible, scalable, and secure security infrastructure that will grow and evolve along with national security requirements. Only two years after the system was ﬁrst deployed as the platform for the DoD’s public key infrastructure (PKI), the DoD was able to begin issuing the Common Access Card (CAC) with digital credentials (PKI certiﬁcates) to consolidate multiple credentials into a single identity badge to be used for a variety of applications — namely, physical access to buildings and logical access to computer systems. “The use of the CAC,” according to Bill Schell, president of the professional services ﬁrm August Schell, “prevents unauthorized access to systems and allows information to be more secure in transmission. It ensures conﬁdentiality, integrity, authentication, and non-repudiation. It also saves money and enhances user productivity as single sign-on and other capabilities it facilitates are fully implemented.” The ID management solutions are enabling the DoD to efﬁciently migrate and expand to meet the identiﬁcation and access requirements that were enacted under the Homeland Security Presidential Directive 12 (HSPD-12). “The DoD ID management implementation greatly improved security of DoD information technology,” said Schell. For more information visit http://www.redhat.com/government Copyright 2007 e.Republic Inc. http://www.redhat.com/government

Table of Contents Feed for the Digital Edition of Government Technology - December 2007

Government Technology - December 2007 Contents Point of View Big Picture Profile The Last Mile GT Spectrum Well...How Did We Get Here? Dark Spaces A Paler Shade of Green? Decertification Dilemma Game On Two Cents Products Signal:Noise

Government Technology - December 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.