Showing posts with label PACS. Show all posts
Showing posts with label PACS. Show all posts

Federal ICAM Information Sharing Day and Vendor Expo

The Federal ICAM Information Sharing Day and Vendor Expo will take place on Tuesday, June 18, 2013 from 8:00 a.m. to 4:00 p.m.

 This event will consist of presentations, panel discussions, and breakout sessions on pressing issues facing the Federal Government’s ICAM programs today. Attendees will also benefit from a vendor exhibit, showcasing technology solutions to satisfy ICAM needs.

This free event is open to government employees, contractors, and industry representatives (e.g., vendors).

 LOGISTICS/VENUE INFORMATION  

The ICAM Information Day and Vendor Expo will be held on June 18, 2013 from 8:00 a.m. to 4:00 p.m. at the following location:

GSA One Constitution Square Building
1275 First Street NE, Washington

REGISTRATION INFORMATION

Those attending ICAM Information Day and Vendor Expo should register at the following site: http://www.gsa.gov/ICAMexpo

Special Information for Vendor Registration

If you plan to participate in the Spring 2013 ICAM Day’s Vendor Expo, please complete the registration process and choose your affiliation as a "Vendor". Upon registration, you will be contacted by the conference coordinator to provide additional details for exhibit coordination. ICAM Day vendor registration is free, but limited to the first 25 vendors.

 AGENDA

Please note that the agenda is subject to change.

Timeframe
Description
Speaker
8:00 – 9:00
Registration
 
9:00 – 9:10
Welcome and Opening Remarks
Deb Gallagher (GSA)
Paul Grant (DoD)
9:10 – 9:30
FIPS 201/FICAM Testing Program Update
Chi Hickey (GSA)
9:30 – 10:30
 Panel Discussion: Attribute Exchange and Information Sharing in Action
Panelists will share the latest updates on technology and approaches for attribute exchange and the importance of information sharing and safeguarding to the national cybersecurity agenda.		 Anil John (GSA), Moderator
  • David Coxe (ID DataWeb, Inc.)
  • Dieter Schuller (Radiant Logic)
  • Nathaniel (Ted) Sobel (DHS)
  • John F. Wandelt (GTRI)
  • Martin Smith (PM-ISE)
10:30 – 11:30
 Panel Discussion: Externalizing Authentication
Panelists will provide insights into how Agencies can externalize authentication using shared services. Participants include members of the OMB MAX Authentication Team as well as members of the Federal Cloud Credential Exchange (FCCX) Team.		 Anil John (GSA), Moderator
  • FCCX Team
  • MAX.GOV Team
11:30 – 12:30
Lunch break (lunch not provided)
12:30 – 4:00
Vendor Expo
12:30 – 1:15
Breakout Session 1 

FICAM Procurement [Government Only. PIV Required for Entrance]
An interactive discussion with agencies with regards to challenges and gaps in procuring PACS components/systems from the Approved Products List. Potential discussion topics include breakdown of new PACS categories, severity levels/risks, ICAM test cards, development of acquisition language that complies with policy and meets agency needs, and defining acquisition requirements for relevant ICAM systems.

Driving Mobility Forward with ICAM
A discussion of current trends and technology within the mobile environment. Potential discussion topics include contactless, enterprise architecture, and strategies for supporting a mobile, remote workforce.

Enterprise PACS Solution Best Practices
A discussion of lessons learned, solutions, and processes to support implementation of agency-wide enterprise PACS and PIV-enablement. Potential discussion topics include managing risk, designing an enterprise PACS, and migrating to strong authentication using the PIV Card.

Realizing the Value of ICAM
A discussion of how to plan, implement, and measure an agency ICAM program focused on efficiency, cost-savings, and value. Potential discussion topics include the strategic importance of ICAM as a mission enabler, messaging ICAM to leadership, prioritizing and securing investments, and selecting cost-effective design and solutions for implementation.
1:20 – 2:05
Breakout Session 2 

FICAM Procurement [Government Only. PIV Required for Entrance]
An interactive discussion with agencies with regards to challenges and gaps in procuring PACS components/systems from the Approved Products List. Potential discussion topics include breakdown of new PACS categories, severity levels/risks, ICAM test cards, development of acquisition language that complies with policy and meets agency needs, and defining acquisition requirements for relevant ICAM systems.

Driving Mobility Forward with ICAM
A discussion of current trends and technology within the mobile environment. Potential discussion topics include contactless, enterprise architecture, and strategies for supporting a mobile, remote workforce.

Enterprise PACS Solution Best Practices
A discussion of lessons learned, solutions, and processes to support implementation of agency-wide enterprise PACS and PIV-enablement. Potential discussion topics include managing risk, designing an enterprise PACS, and migrating to strong authentication using the PIV Card.

Realizing the Value of ICAM
A discussion of how to plan, implement, and measure an agency ICAM program focused on efficiency, cost-savings, and value. Potential discussion topics include the strategic importance of ICAM as a mission enabler, messaging ICAM to leadership, prioritizing and securing investments, and selecting cost-effective design and solutions for implementation.
2:10 – 2:35
 Accelerating the implementation timeline and reducing the cost of PIV in application by using Cloud services
  • Xceedium
  • Amazon Web Services
2:35 – 3:35
 Panel Discussion: Tackling an Evolving Mobile Environment
Panelists will discuss approaches for addressing common mobility and security-related challenges. Panel will include agency representatives at different stages of program planning and execution, as well as participants from policy and technical viewpoints.
Donna Dodson (NIST), Moderator
  • John Hickey (DOD/DISA)
  • Tom McCarty (DHS)
  • Adam Zeimet (USDA)
3:35 – 3:55
OMB ICAM Update
[Government Only. PIV Required for Entrance]
Carol Bales (OMB)
3:55 – 4:00
Closing Remarks
Salomeh Ghorbani (GSA)
Posted
Labels: , , , ,

Federal ICAM Information Sharing Day and Vendor Expo

The Federal Identity, Credential and Access Management Subcommittee Announces the ICAM Information Sharing Day and Vendor Expo

On November 27th, the Identity, Credential, and Access Management Subcommittee (ICAMSC) will hold the ICAM Information Sharing Day and Vendor Expo. The focus of this ICAM Information Day and Vendor Expo will be the use of PIV credentials in systems such as Physical Access Control Systems (PACS), Logical Access Control Systems (LACS), mobile devices and cloud services. The participating vendors will demonstrate their latest information assurance and security products and services related to the use of the PIV.

LOGISTICS/VENUE INFORMATION  

The ICAM Information Day and Vendor Expo will be held on November 27, 2012 in coordination with the Smart Cards in Government Conference which will be held November 28th – 30th at the following location:

Washington Convention Center
801 Mount Vernon Place Northwest, Washington, DC 20001

There will be no fee for federal employees and contractors with PIV attending the ICAM Information Day event.

REGISTRATION INFORMATION

Those attending ICAM Information Day and Vendor Expo should register at the following site: www.GovSmartID.com

AGENDA

Please note that the agenda is subject to change.

Timeframe

Description

Speaker

9:00 – 9:15

Welcome and Opening Remarks

Deb Gallagher (GSA) and/or Paul Grant (DoD)

9:15 – 10:00

Keynote Address: Enabling CAC/PIV in a Mobile Government Workforce

Rob Carey (DoD)

10:00 – 12:00

Opening of the Vendor Exhibits

12:00 – 12:30

Lunch break (lunch not provided)

12:30 – 1:00

Security Policy and Standards for Use of Mobile Devices on Federal Networks

Carol Bales (OMB)/ Donna Dodson (NIST)

1:00 – 1:30

Expectation of PIV use with Logical Access Systems

Bill Erwin (DoD)

1:30 – 2:00

Expectation of PIV use with Mobile Devices

Deb Gallagher (GSA)

2:00 – 2:30

Expectation of PIV use with Physical Access Systems

Will Morrison (FAA)

2:30 – 3:00

Afternoon Break (vendor exhibits will remain open)

3:00 – 3:15

FIPS 201-2 Status

Hilde Ferraiolo (NIST)

3:15 – 3:30

Update on FY FISMA Metrics for PIV Use

Glen Lee (DOE)/ Rajeev Pillai ( GSA)

3:30 – 3:45

Trust Framework Update

Anil John (GSA)

3:45 – 4:15

Open Discussion

Deb Gallagher (GSA) and/or Paul Grant (DoD)

4:15 – 4:30

Closing Remarks

Deb Gallagher (GSA) and/or Paul Grant (DoD)
Posted
Labels: , , , ,

New FICAM Guidance on using PIV and PIV-I Cards in Agency PACS

Incorporating stronger authentication technologies in an Agency Physical Access Control System (PACS), such as PIV and PIV-I cards, is a critical aspect of mitigating the risk of physical security breaches. FICAM recently published the "Personal Identity Verification (PIV) in Enterprise Physical Access Control Systems (E-PACS)" (PDF) document which provides detailed technical and security guidance for leveraging PIV and PIV-I authentication mechanisms in a federal agency PACS.

This is a comprehensive document that covers:

  • The current PACS landscape
  • The current standards and guidance that directly or indirectly affect PACS
  • Enterprise PACS security functions, which describe specific and measurable security controls that impact the successful operation of PACS as a security countermeasure
  • A comprehensive list of common authentication patterns that illustrate both proper and improper use of PIV and PIV-I authentication 

E PACS
The Enterprise PACS security functions are broken down into:

  • Technical Controls
    • Identification and Authentication
    • Access Control
    • Audit and Accountability
    • System and Communications Protection
  • Operational Controls
    • Configuration Management
    • Contingency Planning
    • Physical and Environmental Protection
    • System and Information Integrity
    • Awareness and Training
  • Management Controls
    • Security Assessment and Authorization
    • Planning
    • Risk Assessment

The authentication patterns, which include both good and not-so-good patterns, are one of the more informative parts of this document. They in turn align with the NIST SP 800-116 (PDF) authentication mechanisms as they pertain to gaining access to security areas.

The patterns themselves are provided using a standard format:

  • Use Case Diagram
  • Description
  • Unmitigated Threats
  • Pros, Cons, Issues
  • Considerations

This document, which was produced by the FICAM Architecture Working Group, was a significant undertaking and reflects the many perspectives that go into deploying an effective PACS. The newly established FICAM Modernized Physical Access Working Group (MPAWG) will manage updates and changes to this document.

RELATED INFORMATION


:- by Anil John

Posted
Labels: , , , ,
Subscribe to: Posts (Atom)