District of Columbia Government State of Maryland Digital
District of Columbia Government State of Maryland Digital Government Summit Identity Management June 25, 2004 Office of the Chief Technology Officer Citywide IT Security (CWITS)
District of Columbia Government Citywide IT Security AGENDA § Security Architecture Principles § What is an Identity? § n-Factor Authentication § Identity Management Convergence § What is Identity Management? § Effective Identity Management Program § Points of Contact § Questions & Answers 1 2 2
District of Columbia Government Citywide IT Security Architecture Principals Authentication Auditing Authorization Availability Confidentiality/ Privacy Non-repudiation Integrity Identification 1 3 3
District of Columbia Government Citywide IT Security What is an Identity? Identity - Is the fundamental concept of uniquely identifying an object (person, computer, application, service, etc. ) as contained within an boundary (department, banking account, etc. ). Digital Identity - The ability to assign a computerized identifier with or to a person, computer, component, or service. It is critical to determine the items of information required to collect. Digital Identity Lifecycle – Creation, Maintenance, and Removal/Destruction of Identity Information. 1 4 4
Citywide IT Security District of Columbia Government Date of Birth Social Security Number Job Title Patient Account Employee Number Mother’s Name (Maiden) Identity Information Business Address Name Driver License Number Credit Card Purchasing Authority Home Address 5
District of Columbia Government N-Factor Authentication Methods Citywide IT Security (Use of Identity Information) Something that you HAVE (Token, Smart Card). Something that you ARE (Biometrics). Something that you NEED (Joint Signatures). Something that you KNOW (Password, PIN) Someplace where you are located (Computer, SITE). 1 6 6
District of Columbia Government Citywide IT Security Identity Challenges § § Identity Theft Disclosure of Identity Information Multiple Identity Islands Mismanagement of Identity during Lifecycle 1 7 7
Citywide IT Security District of Columbia Government Identity Management Convergence Business Requirements Success Information Technology 8
District of Columbia Government Citywide IT Security What is Identity Management? Permission Management Rights Management Access Management Directory Services Management Policy Management Password Management Identity Management Certificate Management User/System Account Management Provisioning Management 9
District of Columbia Government Citywide IT Security Effective Identity Management Program The 4 P’s Policies People/ Organization Processes/ Procedures Products/ Technologies 1 10 10
District of Columbia Government Citywide IT Security CWITS : Contact Information Terrence Lillard, CWITS Associate Director Terrence. Lillard@dc. gov (202) 727 -8796 1 11 11
Citywide IT Security District of Columbia Government 1 12 12
- Slides: 12