Department of Veterans Affairs Personal Identity Verification PIV















Department of Veterans Affairs Personal Identity Verification (PIV) Program
Brian Epley, VA PIV Program Manager
August 14, 2007

Agenda
• History
• Authentication Authorization Infrastructure Program (AAIP) Required Changes
• Current State and Future Goals
• PIV 0.5 PIV 1.0 PIV 2.0 PIV + Architecture Achievements National Deployment Schedule Resources

VA PIV History
• Experience - Oct 2004, VA conducted a 10-month pilot that included:
  • Issued 1,100 cards prior to HSPD-12
  • Provided logical and physical access
  • Three digital certificates
  • Used an application process similar to the PIV process
• Investment - VA procured a substantial amount of resources to support earlier smart card initiative
  • 85,000 smart cards
  • Front-end and Back-end components (servers, workstations, printers, etc.)
• Business Requirement - VA’s unique operational mission requires a tailored solution
  • Large affiliate population (80,000+) requires “OneVA” (non-PIV) cards
  • 24-hour turn around on issuance
  • 24/7 Help desk support

VA PIV History (Continued)
• Increased Return on Investment
• VA’s focus is to advance the use of identity and access management (IAM) across the Department
  • Mapping of user privileges
  • Provisioning and deprovisioning services
  • Synchronization of data with authoritative sources
  • Rights management with standardized Role Based Access Control (RBAC) models
  • Management of entity profiles
• The IAM solution can be used to support management of veteran identities
• Establishing an enterprise IAM backbone within the VA will save millions of dollars

VA PIV Status

The Department of Veterans Affairs successfully complied with HSPD-12
• Issued first card to PCI Manager October 20th
• Issued twelve credentials to Sponsor, Registrar and Issuers between October 20th and October 26th
• Issued three ID credentials to employees October 27th
• Issued 1,400+ credentials since October 27th

VA legacy cards (ActivCard Applet v.2 on Cyberflex Access 64k v.1)
• Provide logical and physical access
• Have three digital certificates
• Comply with topographical requirements

Key Differences
• Does not have fingerprints loaded on the card
• The card stock is non-compliant

VA will begin PIV National Deployment September 2007
• 24-month deployment to implement PIV Enrollment Operations Centers at approximately 225 field locations serving 1,200+ facilities across CONUS

PIV Architecture - Version 0.5
October 2006

PIV 0.5 Objectives
• Interim FIPS-201 Compliance
  - Smart Cards
  - Authentication
  - Unique IDs
  - Digital Signature
  - Email encryption
• Disaster Recovery Capability

PIV Architecture - Version 2.0

PIV 2.0 Objectives
• Full Compliance with FIPS 201
  - Smart Cards
  - Authentication
  - Unique IDs
  - Digital Signature
  - Email encryption
• Disaster Recovery Capability
• Help Desk
• Establish VA Interfaces
• Establish Federal Enterprise Interfaces

PIV Architecture – Version 3.0
Future Enterprise Integration

PIV 3.0 Objectives
• Integrate into VA Enterprise Architecture
• Establish SSO with additional enterprise applications
• Link authoritative data sources using IAM backbone
• Establish interoperability with other Shared Service Providers
• Add 3rd Data Center leg for load-balancing across CONUS
• Integrate VA PIV with GSA MSO and Federal peers

Achievements
• VA PIV is 1 of 4 Successful Federal HSPD-12 programs
• PIV is currently in production at VACO
• Issued 1,400+ credentials that support:
  • Smartcard authentication
  • Unique IDs
  • Digital signature
  • E-mail encryption
• PIV participated in OED IAM Workshop to identify duplicative requirements and enterprise solutions to meet the needs of:
  • Active Directory
  • VBA – Loan Guarantee Program, VIP
  • OS&LE – Security Investigations Center (SIC)
  • Centralized and timely adjudication
  • VHA & VBA
  • VHA EA Integration—SSO

Enterprise Integration Achievements
• Sharing data sets based on correlated Unique Identifier (UID)
• Active Directory
• PAID
• Combined program requirements
• VBA
• Loan Guarantee Program
• OneVA VIP Portal
• EA OneVA Portal/SSO
• VHA
• Resource collaboration
• e-Authentication
• Soft Certificate initiative
• DoD/CAC

PIV National Deployment
• Site transformation from PIV-1 “Process” to incorporate use of PIV systems to achieve HSPD-12 compliance and unified “OneVA” credentials
• 24-month deployment to implement PIV Enrollment Operations Centers at approximately 225 field locations serving 1,200+ facilities across US
• Multi-Administration collaboration to determine VISN/Region geographic sequence
• Based on VISN/Region site readiness
• Involves comprehensive 120-day preparation

Deployment Schedule


VA PIV Resources
• VA PIV Intranet site:
  • vaww.va.gov/PIVproject
• VA PIV PMO e-mail address:
  • VAPIVPRO@va.gov
• VA PIV Team members:
  • PIV Executive Steering Committee
  • Brian Epley, Program Manager
  • Gloria A. Harris, Business Manager
  • Leonard Kenon, Project Manager
  • Maurice Claggett, Project Manager
  • Multiple contract resources
  • Multiple Working Groups