SlideShare a Scribd company logo

Where We Are Today – The Current Landscape of Identity Management

Duane Blackburn
Duane Blackburn

Opening address of the identity management track within the Biometric Consortium Conference (2012).

TechnologyBusiness
1 of 13
Download to read offline
BIOMETRIC CONSORTIUM CONFERENCE AFCEA IDENTITY MANAGEMENT FOCUS SESSIONS Where We Are Today – The Current Landscape of Identity Management Duane Blackburn, MITRE Corporation 18 September 2012 Approved for Public Release: 12-3821. Distribution Unlimited ©2012-The MITRE Corporation. All rights reserved.
►Nov 2008 – May 2009 ►AT&T, Bank of America, Boeing, Microsoft, Raytheon, etc. ►January – July 2008 ►DoD, DHS, DOJ, HHS, Treasury, DOS, NIST, GSA, VA, IRS, FTC, NASA, NSF
COMMONTHEMES-IMPORTANCE  Identity Management is a critical, though often underappreciated, component of successful applications in a variety of sectors  IdM can help remove barriers to collaboration and innovation by ensuring trust  People/things have only one “true” identity, but several aliases with varying degrees of confidence in the linkages to the “true” identity.  How to enable and manage these identities properly in a single application is difficult, but is even more difficult across interconnected systems  IdM activities in one application impacts and relies upon others, though these impacts aren’t normally understood or accounted for
COMMONTHEMES–R&D Technology available now is good, but improvements are needed to improve capabilities, resiliency, privacy protection, convenience and security Research is needed on how to best combine different technologies Researcher access to useful data is an inhibitor Side to side comparisons of technology options is difficult/confusing and isn’t keeping pace with new products
COMMONTHEMES-STANDARDS Interoperability is difficult if the systems do not share definitions and data structures Increases the chance of errors, which would be propagated throughout the interconnected systems Market-based and consensus-supported standards most likely to be universally accepted The existence and use of universal standards (or lack thereof) is often viewed as an indicator of a market/technology’s maturity
COMMONTHEMES-PRIVACY Improving IdM can actually enhance privacy protection over the status quo – if done properly Outreach is an important aspect of privacy policy Even if the privacy policy is correct, negative public perception will scuttle a program quickly Privacy isn’t just for lawyers Building protections directly into the technology will provide greater assurance that the protections are implemented thoroughly and consistently. A single IdM privacy breach creates enduring problems in multiple systems Privacy and security aren’t mutually exclusive
CO MM ON THE ME S– NEE D FOR GO VER NA NCE Identity-based systems are inherently connected to one another. Overall governance is required to manage this properly rather than ad-hoc or not at all All levels of government have the responsibility to ensure the safety and wellbeing of its citizenry – and IdM has clear impacts on national security, the economy, cyberspace, and individual healthcare Government must provide leadership and work with all stakeholders to create favorable conditions for the development of IdM that benefits users
SOFARHASLEADTO…NOTMUCH  Foundation for CIO Councils’ identity work and for NSTIC  NSTAC Report: “Despite laudable progress being made in many different areas across a broad organizational front, Government does not yet have a cohesive strategy to fulfill the potential of its considerable investment in all aspects of IdM, nor to meet the emergent need.”
BIOMETRIC CONSORTIUM CONFERENCE AFCEA IDENTITY MANAGEMENT FOCUS SESSIONS Where We Are Today – The Current Landscape of Identity Management Duane Blackburn, MITRE Corporation 18 September 2012 Approved for Public Release: 12-3821. Distribution Unlimited ©2012-The MITRE Corporation. All rights reserved.
IDMCONCEPTUALLY From NSTC Document:  (T)he underlying function of identification has been a part of the human experience since the growth of social complexity introduced differentiated roles, rights, privileges, and resources into communities. Some of these “unique abilities” came with the membership of a class or group, while others represented individual characteristics. Sometimes there was an identifying badge, mark, object, or other way to visually distinguish the individual with a specific role; sometimes this could only be known from personal interaction.”
HOLLYWOODDEPICTIONS
IDENTITYCONCENTRICITY Root Core One individual (core) Multiple identities/identifiers
Duane Blackburn 434-964-5023 dblackburn@mitre.org Disclaimer The author's affiliation with The MITRE Corporation is provided for identification purposes only, and is not intended to convey or imply MITRE's concurrence with, or support for, the positions,opinions or viewpoints expressed by the author

Recommended

Key points of microinsurance (presented by hasib ahmed)
Key points of microinsurance (presented by hasib ahmed)Key points of microinsurance (presented by hasib ahmed)
Key points of microinsurance (presented by hasib ahmed)Hasib Ahmed
 
IANS Connector Event Deck: Factor 2
IANS Connector Event Deck: Factor 2IANS Connector Event Deck: Factor 2
IANS Connector Event Deck: Factor 2Andrew Sanders
 
What is an IANS Connector Event?
What is an IANS Connector Event?What is an IANS Connector Event?
What is an IANS Connector Event?Andrew Sanders
 
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020Jessica Graf
 
Why Traditional Security has Failed
Why Traditional Security has Failed Why Traditional Security has Failed
Why Traditional Security has Failed Steven_Jackson
 
Saahil Goel Is Issue Background
Saahil Goel Is Issue BackgroundSaahil Goel Is Issue Background
Saahil Goel Is Issue Backgroundguestfd062
 
Operationalizing Collaboration
Operationalizing CollaborationOperationalizing Collaboration
Operationalizing CollaborationCarl De Groote
 
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Microsoft
 

Recommended

Key points of microinsurance (presented by hasib ahmed)
Key points of microinsurance (presented by hasib ahmed)Key points of microinsurance (presented by hasib ahmed)
Key points of microinsurance (presented by hasib ahmed)Hasib Ahmed
 
IANS Connector Event Deck: Factor 2
IANS Connector Event Deck: Factor 2IANS Connector Event Deck: Factor 2
IANS Connector Event Deck: Factor 2Andrew Sanders
 
What is an IANS Connector Event?
What is an IANS Connector Event?What is an IANS Connector Event?
What is an IANS Connector Event?Andrew Sanders
 
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020Jessica Graf
 
Why Traditional Security has Failed
Why Traditional Security has Failed Why Traditional Security has Failed
Why Traditional Security has Failed Steven_Jackson
 
Saahil Goel Is Issue Background
Saahil Goel Is Issue BackgroundSaahil Goel Is Issue Background
Saahil Goel Is Issue Backgroundguestfd062
 
Operationalizing Collaboration
Operationalizing CollaborationOperationalizing Collaboration
Operationalizing CollaborationCarl De Groote
 
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...Microsoft
 
Pursutpp
PursutppPursutpp
Pursutppguestdacae5b
 
2009 Directors Report
2009 Directors Report2009 Directors Report
2009 Directors Reportandy biggin
 
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...LucianeCurator, EUNEOS Social Media Manager and Trainer
 
Environmental Group Of Support Sulkowice
Environmental Group Of Support SulkowiceEnvironmental Group Of Support Sulkowice
Environmental Group Of Support SulkowiceLucianeCurator, EUNEOS Social Media Manager and Trainer
 
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומןמצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומןelio2b
 
Teaching with social media in classroom settings: Top ten practices from teac...
Teaching with social media in classroom settings: Top ten practices from teac...Teaching with social media in classroom settings: Top ten practices from teac...
Teaching with social media in classroom settings: Top ten practices from teac...LucianeCurator, EUNEOS Social Media Manager and Trainer
 
Aaa! Newsletter
Aaa! NewsletterAaa! Newsletter
Aaa! Newsletterandy biggin
 
Urcus Spre Manastire
Urcus Spre ManastireUrcus Spre Manastire
Urcus Spre ManastireLucianeCurator, EUNEOS Social Media Manager and Trainer
 
Vakfotografie Sonny Lips
Vakfotografie Sonny LipsVakfotografie Sonny Lips
Vakfotografie Sonny LipsSonny1967
 
Collateral Advantage
Collateral AdvantageCollateral Advantage
Collateral AdvantageMelanie Boellinger
 
PowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stagePowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stageLee Bandy
 
Bc Dc Oh
Bc Dc OhBc Dc Oh
Bc Dc Ohbcostello
 
Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009Pavel Red'ko
 
Week 4 - Trigonometry
Week 4 - TrigonometryWeek 4 - Trigonometry
Week 4 - TrigonometryCarlos Vázquez
 
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوطالدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوطEssam Obaid
 
Logika Informatika
Logika InformatikaLogika Informatika
Logika Informatikaandrewaja
 
Baie Des Cochons
Baie Des CochonsBaie Des Cochons
Baie Des Cochonsterissarafuse
 
Summary Of Dissertation Presentation
Summary Of Dissertation PresentationSummary Of Dissertation Presentation
Summary Of Dissertation Presentationcmhusted
 
Virginia Empowerment Zone
Virginia Empowerment ZoneVirginia Empowerment Zone
Virginia Empowerment ZoneCatchphrasecopywriter
 
Jing and Voicethread in K12 Education
Jing and Voicethread in K12 EducationJing and Voicethread in K12 Education
Jing and Voicethread in K12 EducationNational University
 
BCC 2009 - NSTC
BCC 2009 - NSTCBCC 2009 - NSTC
BCC 2009 - NSTCDuane Blackburn
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 

More Related Content

Viewers also liked

2009 Directors Report
2009 Directors Report2009 Directors Report
2009 Directors Reportandy biggin
 
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומןמצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומןelio2b
 
Vakfotografie Sonny Lips
Vakfotografie Sonny LipsVakfotografie Sonny Lips
Vakfotografie Sonny LipsSonny1967
 
PowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stagePowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stageLee Bandy
 
Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009Pavel Red'ko
 
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوطالدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوطEssam Obaid
 
Logika Informatika
Logika InformatikaLogika Informatika
Logika Informatikaandrewaja
 
Summary Of Dissertation Presentation
Summary Of Dissertation PresentationSummary Of Dissertation Presentation
Summary Of Dissertation Presentationcmhusted
 
Jing and Voicethread in K12 Education
Jing and Voicethread in K12 EducationJing and Voicethread in K12 Education
Jing and Voicethread in K12 EducationNational University
 

Viewers also liked (20)

Pursutpp
PursutppPursutpp
Pursutpp
 
2009 Directors Report
2009 Directors Report2009 Directors Report
2009 Directors Report
 
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...
#Curation Restart Education Project . Top 10 #edtech20 tools who will change ...
 
Environmental Group Of Support Sulkowice
Environmental Group Of Support SulkowiceEnvironmental Group Of Support Sulkowice
Environmental Group Of Support Sulkowice
 
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומןמצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
מצגת אחריות הרשויות המקומיות לניצולי השואה בתחומן
 
Teaching with social media in classroom settings: Top ten practices from teac...
Teaching with social media in classroom settings: Top ten practices from teac...Teaching with social media in classroom settings: Top ten practices from teac...
Teaching with social media in classroom settings: Top ten practices from teac...
 
Aaa! Newsletter
Aaa! NewsletterAaa! Newsletter
Aaa! Newsletter
 
Urcus Spre Manastire
Urcus Spre ManastireUrcus Spre Manastire
Urcus Spre Manastire
 
Vakfotografie Sonny Lips
Vakfotografie Sonny LipsVakfotografie Sonny Lips
Vakfotografie Sonny Lips
 
Collateral Advantage
Collateral AdvantageCollateral Advantage
Collateral Advantage
 
PowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stagePowerPoint Template - Put graphics center stage
PowerPoint Template - Put graphics center stage
 
Bc Dc Oh
Bc Dc OhBc Dc Oh
Bc Dc Oh
 
Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009Trade with China. AsstrA Presentation 2009
Trade with China. AsstrA Presentation 2009
 
Week 4 - Trigonometry
Week 4 - TrigonometryWeek 4 - Trigonometry
Week 4 - Trigonometry
 
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوطالدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
الدوريات الأجنبية فى مكتبات الكليات العلمية فى جامعة أسيوط
 
Logika Informatika
Logika InformatikaLogika Informatika
Logika Informatika
 
Baie Des Cochons
Baie Des CochonsBaie Des Cochons
Baie Des Cochons
 
Summary Of Dissertation Presentation
Summary Of Dissertation PresentationSummary Of Dissertation Presentation
Summary Of Dissertation Presentation
 
Virginia Empowerment Zone
Virginia Empowerment ZoneVirginia Empowerment Zone
Virginia Empowerment Zone
 
Jing and Voicethread in K12 Education
Jing and Voicethread in K12 EducationJing and Voicethread in K12 Education
Jing and Voicethread in K12 Education
 

Similar to Where We Are Today – The Current Landscape of Identity Management

What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityPhil Agcaoili
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Investorideas.com
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldNeil Raden
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Booz Allen Hamilton
 
Cyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperCyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperMicrosoft
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we workPuneet Chopra
 
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docxLyndonPelletier761
 
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docxherminaprocter
 
CIS13: Re-Engineering Identity
CIS13: Re-Engineering IdentityCIS13: Re-Engineering Identity
CIS13: Re-Engineering IdentityCloudIDSummit
 
FDIC - Social Media - Managing your business risk related to social media
FDIC - Social Media - Managing your business risk related to social mediaFDIC - Social Media - Managing your business risk related to social media
FDIC - Social Media - Managing your business risk related to social mediaSerge Milman
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityDominic Karunesudas
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationrrepko
 
NSTC Identity Management Task Force Report Executive Summary
NSTC Identity Management Task Force Report Executive SummaryNSTC Identity Management Task Force Report Executive Summary
NSTC Identity Management Task Force Report Executive SummaryDuane Blackburn
 
Citizen Engagement Roundtable
Citizen Engagement RoundtableCitizen Engagement Roundtable
Citizen Engagement Roundtabledisruptcolorado
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security PolicyRobot Mode
 

Similar to Where We Are Today – The Current Landscape of Identity Management (20)

BCC 2009 - NSTC
BCC 2009 - NSTCBCC 2009 - NSTC
BCC 2009 - NSTC
 
What CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber SecurityWhat CIOs and CFOs Need to Know About Cyber Security
What CIOs and CFOs Need to Know About Cyber Security
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid World
 
CISO Survey Report 2010
CISO Survey Report 2010CISO Survey Report 2010
CISO Survey Report 2010
 
7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 
Cyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperCyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaper
 
The meaning of security in the 21st century
The meaning of security in the 21st centuryThe meaning of security in the 21st century
The meaning of security in the 21st century
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we work
 
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
 
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx130C h a p t e r10 Managing IT-Based Risk11 This c.docx
130C h a p t e r10 Managing IT-Based Risk11 This c.docx
 
CIS13: Re-Engineering Identity
CIS13: Re-Engineering IdentityCIS13: Re-Engineering Identity
CIS13: Re-Engineering Identity
 
FDIC - Social Media - Managing your business risk related to social media
FDIC - Social Media - Managing your business risk related to social mediaFDIC - Social Media - Managing your business risk related to social media
FDIC - Social Media - Managing your business risk related to social media
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperation
 
NSTC Identity Management Task Force Report Executive Summary
NSTC Identity Management Task Force Report Executive SummaryNSTC Identity Management Task Force Report Executive Summary
NSTC Identity Management Task Force Report Executive Summary
 
Citizen Engagement Roundtable
Citizen Engagement RoundtableCitizen Engagement Roundtable
Citizen Engagement Roundtable
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security Policy
 

More from Duane Blackburn

What is I2 Final-Approved
What is I2 Final-ApprovedWhat is I2 Final-Approved
What is I2 Final-ApprovedDuane Blackburn
 
Potential Opportunities for Common Federal Biometric Services
Potential Opportunities for Common Federal Biometric ServicesPotential Opportunities for Common Federal Biometric Services
Potential Opportunities for Common Federal Biometric ServicesDuane Blackburn
 
BCC (2012): Federal Panel Identifying Future Government Needs
BCC (2012): Federal Panel Identifying Future Government NeedsBCC (2012): Federal Panel Identifying Future Government Needs
BCC (2012): Federal Panel Identifying Future Government NeedsDuane Blackburn
 
Identity Intelligence: From Reactionary Support to Sustained Enabler
Identity Intelligence: From Reactionary Support to Sustained EnablerIdentity Intelligence: From Reactionary Support to Sustained Enabler
Identity Intelligence: From Reactionary Support to Sustained EnablerDuane Blackburn
 
Research, Development, Test, and Evaluation: A Defensible Process for Federal...
Research, Development, Test, and Evaluation: A Defensible Process for Federal...Research, Development, Test, and Evaluation: A Defensible Process for Federal...
Research, Development, Test, and Evaluation: A Defensible Process for Federal...Duane Blackburn
 
The National Biometrics Challenge (2011)
The National Biometrics Challenge (2011)The National Biometrics Challenge (2011)
The National Biometrics Challenge (2011)Duane Blackburn
 
Interagency Coordination of Biometrics and Forensic RDT&E
Interagency Coordination of Biometrics and Forensic RDT&EInteragency Coordination of Biometrics and Forensic RDT&E
Interagency Coordination of Biometrics and Forensic RDT&EDuane Blackburn
 
Identity Management Policy - The End of the Beginning?
Identity Management Policy - The End of the Beginning?Identity Management Policy - The End of the Beginning?
Identity Management Policy - The End of the Beginning?Duane Blackburn
 
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...Duane Blackburn
 
Research Challenges in Combating Terrorist Use of Explosives in the United St...
Research Challenges in Combating Terrorist Use of Explosives in the United St...Research Challenges in Combating Terrorist Use of Explosives in the United St...
Research Challenges in Combating Terrorist Use of Explosives in the United St...Duane Blackburn
 
NSTC Identity Management Task Force Report
NSTC Identity Management Task Force Report NSTC Identity Management Task Force Report
NSTC Identity Management Task Force Report Duane Blackburn
 
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations Duane Blackburn
 
Privacy and Biometrics: Building a Conceptual Foundation
Privacy and Biometrics: Building a Conceptual FoundationPrivacy and Biometrics: Building a Conceptual Foundation
Privacy and Biometrics: Building a Conceptual FoundationDuane Blackburn
 
The National Biometrics Challenge
The National Biometrics ChallengeThe National Biometrics Challenge
The National Biometrics ChallengeDuane Blackburn
 
Federal Biometrics Overview for Venture Capitalists (2005)
Federal Biometrics Overview for Venture Capitalists (2005)Federal Biometrics Overview for Venture Capitalists (2005)
Federal Biometrics Overview for Venture Capitalists (2005)Duane Blackburn
 
Using The National Science and Technology Council (NSTC)
Using The National Science and Technology Council (NSTC)Using The National Science and Technology Council (NSTC)
Using The National Science and Technology Council (NSTC)Duane Blackburn
 
Federal Budget Process Overview
Federal Budget Process OverviewFederal Budget Process Overview
Federal Budget Process OverviewDuane Blackburn
 

More from Duane Blackburn (20)

What is I2 Final-Approved
What is I2 Final-ApprovedWhat is I2 Final-Approved
What is I2 Final-Approved
 
Potential Opportunities for Common Federal Biometric Services
Potential Opportunities for Common Federal Biometric ServicesPotential Opportunities for Common Federal Biometric Services
Potential Opportunities for Common Federal Biometric Services
 
BCC (2012): Federal Panel Identifying Future Government Needs
BCC (2012): Federal Panel Identifying Future Government NeedsBCC (2012): Federal Panel Identifying Future Government Needs
BCC (2012): Federal Panel Identifying Future Government Needs
 
Identity Intelligence: From Reactionary Support to Sustained Enabler
Identity Intelligence: From Reactionary Support to Sustained EnablerIdentity Intelligence: From Reactionary Support to Sustained Enabler
Identity Intelligence: From Reactionary Support to Sustained Enabler
 
Research, Development, Test, and Evaluation: A Defensible Process for Federal...
Research, Development, Test, and Evaluation: A Defensible Process for Federal...Research, Development, Test, and Evaluation: A Defensible Process for Federal...
Research, Development, Test, and Evaluation: A Defensible Process for Federal...
 
The National Biometrics Challenge (2011)
The National Biometrics Challenge (2011)The National Biometrics Challenge (2011)
The National Biometrics Challenge (2011)
 
Interagency Coordination of Biometrics and Forensic RDT&E
Interagency Coordination of Biometrics and Forensic RDT&EInteragency Coordination of Biometrics and Forensic RDT&E
Interagency Coordination of Biometrics and Forensic RDT&E
 
Identity Management Policy - The End of the Beginning?
Identity Management Policy - The End of the Beginning?Identity Management Policy - The End of the Beginning?
Identity Management Policy - The End of the Beginning?
 
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...
NSTC Policy for Enabling the Development, Adoption and Use of Biometric Stand...
 
Research Challenges in Combating Terrorist Use of Explosives in the United St...
Research Challenges in Combating Terrorist Use of Explosives in the United St...Research Challenges in Combating Terrorist Use of Explosives in the United St...
Research Challenges in Combating Terrorist Use of Explosives in the United St...
 
NSTC Identity Management Task Force Report
NSTC Identity Management Task Force Report NSTC Identity Management Task Force Report
NSTC Identity Management Task Force Report
 
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations
Biometrics in Government Post-9/11: Advancing Science, Enhancing Operations
 
Privacy and Biometrics: Building a Conceptual Foundation
Privacy and Biometrics: Building a Conceptual FoundationPrivacy and Biometrics: Building a Conceptual Foundation
Privacy and Biometrics: Building a Conceptual Foundation
 
The National Biometrics Challenge
The National Biometrics ChallengeThe National Biometrics Challenge
The National Biometrics Challenge
 
Federal Biometrics Overview for Venture Capitalists (2005)
Federal Biometrics Overview for Venture Capitalists (2005)Federal Biometrics Overview for Venture Capitalists (2005)
Federal Biometrics Overview for Venture Capitalists (2005)
 
Using The National Science and Technology Council (NSTC)
Using The National Science and Technology Council (NSTC)Using The National Science and Technology Council (NSTC)
Using The National Science and Technology Council (NSTC)
 
Federal Budget Process Overview
Federal Budget Process OverviewFederal Budget Process Overview
Federal Budget Process Overview
 
BCC 2008 - NSTC
BCC 2008 - NSTCBCC 2008 - NSTC
BCC 2008 - NSTC
 
BCC 2007 - NSTC
BCC 2007 - NSTCBCC 2007 - NSTC
BCC 2007 - NSTC
 
BCC 2006 - NSTC
BCC 2006 - NSTCBCC 2006 - NSTC
BCC 2006 - NSTC
 

Recently uploaded

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 

Where We Are Today – The Current Landscape of Identity Management

  • 1. BIOMETRIC CONSORTIUM CONFERENCE AFCEA IDENTITY MANAGEMENT FOCUS SESSIONS Where We Are Today – The Current Landscape of Identity Management Duane Blackburn, MITRE Corporation 18 September 2012 Approved for Public Release: 12-3821. Distribution Unlimited ©2012-The MITRE Corporation. All rights reserved.
  • 2. ►Nov 2008 – May 2009 ►AT&T, Bank of America, Boeing, Microsoft, Raytheon, etc. ►January – July 2008 ►DoD, DHS, DOJ, HHS, Treasury, DOS, NIST, GSA, VA, IRS, FTC, NASA, NSF
  • 3. COMMONTHEMES-IMPORTANCE  Identity Management is a critical, though often underappreciated, component of successful applications in a variety of sectors  IdM can help remove barriers to collaboration and innovation by ensuring trust  People/things have only one “true” identity, but several aliases with varying degrees of confidence in the linkages to the “true” identity.  How to enable and manage these identities properly in a single application is difficult, but is even more difficult across interconnected systems  IdM activities in one application impacts and relies upon others, though these impacts aren’t normally understood or accounted for
  • 4. COMMONTHEMES–R&D Technology available now is good, but improvements are needed to improve capabilities, resiliency, privacy protection, convenience and security Research is needed on how to best combine different technologies Researcher access to useful data is an inhibitor Side to side comparisons of technology options is difficult/confusing and isn’t keeping pace with new products
  • 5. COMMONTHEMES-STANDARDS Interoperability is difficult if the systems do not share definitions and data structures Increases the chance of errors, which would be propagated throughout the interconnected systems Market-based and consensus-supported standards most likely to be universally accepted The existence and use of universal standards (or lack thereof) is often viewed as an indicator of a market/technology’s maturity
  • 6. COMMONTHEMES-PRIVACY Improving IdM can actually enhance privacy protection over the status quo – if done properly Outreach is an important aspect of privacy policy Even if the privacy policy is correct, negative public perception will scuttle a program quickly Privacy isn’t just for lawyers Building protections directly into the technology will provide greater assurance that the protections are implemented thoroughly and consistently. A single IdM privacy breach creates enduring problems in multiple systems Privacy and security aren’t mutually exclusive
  • 7. CO MM ON THE ME S– NEE D FOR GO VER NA NCE Identity-based systems are inherently connected to one another. Overall governance is required to manage this properly rather than ad-hoc or not at all All levels of government have the responsibility to ensure the safety and wellbeing of its citizenry – and IdM has clear impacts on national security, the economy, cyberspace, and individual healthcare Government must provide leadership and work with all stakeholders to create favorable conditions for the development of IdM that benefits users
  • 8. SOFARHASLEADTO…NOTMUCH  Foundation for CIO Councils’ identity work and for NSTIC  NSTAC Report: “Despite laudable progress being made in many different areas across a broad organizational front, Government does not yet have a cohesive strategy to fulfill the potential of its considerable investment in all aspects of IdM, nor to meet the emergent need.”
  • 9. BIOMETRIC CONSORTIUM CONFERENCE AFCEA IDENTITY MANAGEMENT FOCUS SESSIONS Where We Are Today – The Current Landscape of Identity Management Duane Blackburn, MITRE Corporation 18 September 2012 Approved for Public Release: 12-3821. Distribution Unlimited ©2012-The MITRE Corporation. All rights reserved.
  • 10. IDMCONCEPTUALLY From NSTC Document:  (T)he underlying function of identification has been a part of the human experience since the growth of social complexity introduced differentiated roles, rights, privileges, and resources into communities. Some of these “unique abilities” came with the membership of a class or group, while others represented individual characteristics. Sometimes there was an identifying badge, mark, object, or other way to visually distinguish the individual with a specific role; sometimes this could only be known from personal interaction.”
  • 13. Duane Blackburn 434-964-5023 dblackburn@mitre.org Disclaimer The author's affiliation with The MITRE Corporation is provided for identification purposes only, and is not intended to convey or imply MITRE's concurrence with, or support for, the positions,opinions or viewpoints expressed by the author