2017 GSN Airport, Seaport, Border Security Awards 

April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Secure Technology Alliance conference on federal identity management draws large crowd

PRINCETON JUNCTION, NJ June 14, 2017  Half of the more than 200 security experts, government technology vendors and industry leaders at the Secure Technology Alliance’s Securing Federal Identity 2017 conference in Washington, D.C. last week who gathered for the annual government security showcase on the most important developments and innovations in federal identity credentialing and access security were federal government employees.

“It is clear from all of the great sessions and discussions last week –  including advancements for derived credentials, innovative uses of technologies like near field communications and alternative authentication technologies, and a call-to-action to accelerate the adoption of interoperable identity and access solutions – that there is a real sense of urgency to push identity and security forward in government,” said Randy Vanderhoof, executive director of the Secure Technology Alliance. “With the majority of attendees from federal agencies, this event has become a hub for government and security executives and industry leaders to come together to make real progress in this space.”

In a discussion on federal identity programs and standards, speakers gave an update on the status of derived PIV[1] credentials and expanding the use of PIV credentials to mobile devices. They highlighted that while the root of trust starts with PIV, the industry is considering how to utilize different types of identifiers and authenticators on mobile devices to allow authentication at different levels of assurance for different applications. Speakers noted that today, derived PIV credentials are being piloted in some one-off developments for specific use cases and there is no standard implementation being widely adopted – but there is potential for this in the future.

Innovations Improving Identity Security in Government
In a panel, moderated by Anil John, Department of Homeland Security, on the DHS’s Identity Management and Data Privacy Research and Development Program, three federal program leads outlined the efforts surrounding innovative technologies for improving security, identity and privacy in government:

  • John Fessler, Exponent & Kantara Initiative, discussed an ongoing project that enables the use of derived credentials over a secure near field communications (NFC) channel using Opacity technology on a mobile device for physical access control
  • Michael Queralt, Queralt, Inc., described the company’s research project on mapping PIV credentials onto FIDO-compliant devices to grant mobile users simpler access to applications and data while requiring a higher level of authentication  
  • Devu Manikantan Shila, United Technologies Research Corporation, outlined a project called Context Aware Security Technology for Responsive and Adaptive Protection (CASTRA) that leverages analytics on mobile sensor data to learn various human behavioral traits, such as gait, location, proximity and app usage, to enable an active authentication capability

Joseph Stuntz, Office of Management and Budget and James Sheire, GSA Office of Government-wide Policy shared updates on the impact of the new Executive Order strengthening the cybersecurity of federal networks and critical infrastructure, and GSA’s efforts for improving identity and security in government through their new website, www.IDManagement.gov. The website, which is now live, provides the federal government with more digestible digital assets that can be easily updated as policies and regulations change.

Another innovation making an impact on government is the NIST[2] Special Publication 800-63-3 on “Digital Identity Guidelines,” which outline the identity proofing and authentication requirements for Federal agencies implementing digital identity services. At the event, speaker Paul Grassi, NIST Trusted Identity Group, said the guidelines are slated to be published later this month. As a next step, Grassi said NIST plans to build on these requirements by providing actionable guidance for implementation.

A Call to Action for Open, Interoperable Authentication
The one-day showcase wrapped up with a call-to-action discussion on what the industry can do to further accelerate the adoption of interoperable solutions for federal identity management and access security. Moderator Randy Vanderhoof, Secure Technology Alliance, and federal government panelists Tim Baldridge, Department of Defense, LaChelle LeVan, GSA[3]/FICAM[4], and Michael Garcia, NIST Trusted Identity Group discussed that today’s methods of identification and authentication for access are too single-sourced, and don’t provide enough flexibility for new and emerging use cases, such as remote access. Panelists came to the conclusion that there is no one-size-fits-all authentication solution for government – instead, the industry needs more open, interoperable solutions that can be used for a variety of use cases.

 

Recent Videos

“Varian’s Imaging Components business has a 50 plus year history of dedication to the imaging industry.”—Sunny Sanyal, Senior Vice President and...
IntraLogic's official release of the "One Button" Lockdown system on CBS 2 News.
HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile...