Approved for Public Release. Distribution Unlimited.
Department of the Navy Identity Management Initiative
CAPT John Boyd
PM, Naval Information Sharing – People (NIS-P)
[email protected] (703) 614-6868
28 Feb 2008
Where did this come from?
• Experience with biometrics to date
• DSB TF Report on Biometrics (Identity Management)
• SECNAV interest in preparing for the future
  – Broad scope of use cases, AORs
  – Program stability
  – Identity Management focus
  – Design broadly, deploy narrowly and quickly
• Use limited deployments to identify, define, “tease out” policy issues for resolution
Why is this effort different?
• Holistic approach, fully embracing relevant aspects of:
  – Technology
  – Policy
  – Human factors
• Develop for transition to Programs of Record
Develop For Transition to Programs of Record
• Documented Requirements
  – Identity Dominance System (IDS) CDD
• Standards
  – EFTS, EBTS compliant
• Program of Record
  – Follow acquisition guidelines, sponsorship (in progress)
• Interoperability
  – Net-Ready KPP-compliant
• Sustainability
  – Moving toward compliant operational availability (Ao ≥ 97%)
Identity Management: Context
[Diagram labels: Organizational Stakeholders; Equities; Applications; Biometrics; The “universe” of Identity-sensitive issues, needs, and opportunities]
NIS-P Objectives
1. Expand flexibility and extensibility of root identification (Friendly, Adversary)
2. Develop and Field key mission-support applications (Ops, LE, Access)
3. Enhance cross-domain interoperability (Friendly, Neutral/Unknown, Adversary)
NIS-P Objectives - Modeled
[Diagram labels: Applications; Information-Sharing; Root ID; Federated Services; Friendly; Unknown/Neutral; Adversary; Cross-Domain Interoperability]
Electric Analogy
UTILITY BACKBONE END-USER
User Interface
  – Has standardized physical and logical design characteristics to permit apps to interface with servicing utility
Power Grid
  – Internally designed, managed
  – Exists to serve end-users
  – Standards-based interoperability across disparate jurisdictions, ownership
Applications, chosen and managed by end-user
Comprehensive Approach to IdM
Focus: TECHNOLOGY COLLABORATIVE USER
• Standards-driven
• Flexible/adaptive
• Extensible
• Interoperable
• Gov’t/industry collab.

• Cross-gov’t scope
• User-centric (acceptable, beneficial, convenient)
• Outreach mission
  – Demystify
  – Bring in “outliers”
  – Help define application opportunities, “clusters”

• Privacy sensitivity
• Applications framework/template
• Plug/play stds (for fielding/managing apps)
NIS-P Spiral Development
Mission Area: ACCESS, LAW ENFORCEMENT, OPERATIONS
Spiral One
• Ship in Port
• CONUS Base
• Building
• DoD Mil and Civ only for Spiral 1
• NCIS ops in austere environments
• Suspicious activity database & fusion
• NCTC, TSC connectivity
• Expanded data connectivity
• Expanded Maritime Interception Ops
• Marine Raids/Navy Seals
• Security Ops
Future Spirals
• Contractors and non-DoD
• Global - fixed and expeditionary
• Other/foreign nationals
• Cargo “identity” management
• Classified domain - direct connection to classified systems
Pieces of the Strategy
• Deployed mobile capability
  – System for Intelligence and Identity Management Operations (SIIMON)
• NIS-P Federated Services
  – Federated Data Environment
• IDProTECT
  – Authoritative friendly personnel biometric repository
• Local Access Controls
  – Base/building/ship
Federated Services: Conceptual Design Features
• “Information sharing” as a central feature
• Interoperate across historically-disparate domains
• Don’t compete, collaborate
  – Embrace all equities, organizations
• Emphasize interoperability, scalability, extensibility
Access Controls
• Working with the Marine Corps to identify a base
  – Additional capabilities for one gate at one base
• Identifying a building
  – Most likely NOB Norfolk
  – Additional capabilities for one door
• Quarterdeck management system
  – Most likely based at NOB Norfolk
  – Additional, deployable capabilities for one vessel
The Even Bigger Picture
[Diagram labels: International; US Govt/Interagency; DoD/Joint; DoN; Treaty Orgs; UN; Industry; Others]
Backup
IM Info-Sharing: Functional View
Info-Sharing Domain: 1 – Intell/MDA-internal; 2 – OPS-L/E; 3 – Access-L/E
[Diagram labels: OPERATIONS; EMIO; ACCESS CONTROLS; Base Access (CONUS); Remote borders; ID of persons aboard friendly vessels; LAW ENFORCEMENT; Civil/Military Connectivity; Law Enforcement; Emergency Operations; Humanitarian Assistance/Disaster Recovery; Civil Support; Security/Stability; Base Access (Overseas)]