Purpose
PM-ISE asked AFEI working group to provide a quick-look Industry perspective on the following:
- Gaps between federated identity protection and management policy and the requirements industry partners receive for implementation of federal identity systems on programs and projects, and
- What can be done to Improve synchronization among Federal Policies, Procurement, and Acquisition strategies.
General Observations
Category |
Observation |
Policy |
Interpretation of requirements specified in various policies, such as HSPD-12, M-11-11, NIST SP 800-63, is inconsistent, resulting in confusion over how these requirements apply to agencies |
Governance |
Lack of a common governing body and reporting mechanism results in limited adoption and assigning lower priority to identity protection and management initiatives |
Funding |
Full implementation is often delayed because of perceived lack of available funding |
Terminology |
Terms such as access, identity management, and federation have different meanings depending on context and background, resulting in confusion about requirements and solutions |
Implementation |
Even where clear guidance regarding federated interoperable credentials exists, agencies continue to implement solutions that require application specific credentials, impacting market demand |
Generated Documents
Draft Report - Industry Comments and Recommendations for Federated Identity Management (Report) |
General Observations (brief) |
Interim Work In Progress Brief on Process Steps (brief) |
WIS3 - Workshop on Information Sharing Safeguarding Standards
WIS3 is an interactive workshop bringing together government and industry leaders to chart the future for standards in the Information Sharing Environment hosted by PM-ISE.
AFEI moderated TRACK 3 - Identity and Access Management Across Government.
The thrust is authenticating and authorizing ISE users to access information sharing systems and data.
Relevant topics included: FICAM, Backend Attribute Exchange (BAE), Security Assertion Markup Language (SAML) & XACML, and Global Federated Identity and Privilege Management (GFIPM), & NIEF.
Working Group Briefing to WIS3. (Brief)