1 / 10

Identity Proofing in the Cloud

Identity Proofing in the Cloud. February 15, 2012 Greg Capella Deputy Executive Director DHS/OCIO/ESDO. DHS’s History. Established on November 25, 2002 Cabinet level post created Incorporated 22 agencies into one organization

gunnar
Télécharger la présentation

Identity Proofing in the Cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Proofing in the Cloud February 15, 2012 Greg Capella Deputy Executive Director DHS/OCIO/ESDO

  2. DHS’s History • Established on November 25, 2002 • Cabinet level post created • Incorporated 22 agencies into one organization “The creation of DHS constituted the most significant government reorganization since the Cold War, and the most substantial reorganization of federal agencies since the National Security Act of 1947” Reference: Peter Andreas: “Redrawing the line “

  3. DHS Data Center Consolidation • Consolidating to 2 operational centers • Lift and shift approach not viable • Expensive • Inefficient for most applications • Takes too long • New guidance reinforced desire for a “better way” • Enhance Security Posture and Information Sharing Capabilities

  4. IT Reform @ DHS IT Reform @ DHS Departmental Plan Federal Plan • Cloud First • Enable and leverage secure XaaS (i.e., SaaS, PaaS, IaaS) • Standup and enable IT commodity services (e.g., SharePoint, Email, CRM, and Auth as a Service, Service Catalog) • Public and Private Offerings • Consolidate IT Assets • Data Center consolidation (i.e., EDC) • Network consolidation (i.e., OneNet) • IT buying services (i.e., EAGLE II, FirstSource II, GSA IaaS) • ICAM • Collaboration & Best Practices • IT Councils (i.e., ASC, SIOC, CISOC, etc) • Executive Steering Committees (ESCs) (i.e., TASC, Screening, HC/HR, etc) • Portfolio Governance and Integrated Investment Lifecycle (i.e., PMCOE, SEWG, etc) • FedSpace/Best Practice Platform “Shift to a “Cloud First” policy”

  5. “Private and Public Cloud Services” DHS established a model for enabling available, secure, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. • Cloud Attributes • 1. Services Based • Computing resources are consumed as services • 2. Multi Tenant • Resources are shared among many customers • Reuse – Source Forge Concept • 3. Pay Per Use • Customers pay based on usage; not for full stand up • 4. Scalable and Elastic • Resources and provisioned or released in near real-time • 5. Access • Role Based access and Authentication • 6. Compliant • Security Profile for Production Environment • 508 Compliant Templates • Cloud Services • Software as a Service (SaaS): • Delivery of business applications over the Intranet on demand. • Customers leverage ESDO development capabilities to provide complete end-user applications. • Platform as a Service (PaaS): • Delivery of a combination of infrastructure and “middleware” software combined together • Provides an end-to-end software development and production pipeline in a “hosted” model on demand. • Customers use the platform solutions develop and launch new applications • Infrastructure as a Service (IaaS): • Customers use the secure, reusable infrastructure to run their platform and business services • Delivery of technology infrastructure on demand (e.g., network, servers, memory, storage, and database).

  6. DHS Identity Proofing in the Cloud • VIS provides ability for employer to confirm workers right to work in US • Congress requested the DHS (USCIS) create a program so the worker could check their status • Confirm right to work • Obtain information on next steps if there was an issue • DHS (USCIS) created the SelfCheck program to provide this capability to workers

  7. www.uscis.gov/everifyselfcheck

  8. Identifying Information

  9. E-Verify Self Check Self Check: Identity Proofing in the Cloud US Workforce:Self Check is available to the entire US workforce, regardless of employment with an E-Verify employer Identity Assurance: Level 2Identity Proofing, including knowledge based questioning, ensures Self Check is only used by identity information owners Web Based:Self Check is offered over the Internet and other channels are being investigated Fraud Prevention:A user is only able to use Self Check if he is able to successfully authenticate his identity Self Check Employment Eligibility Verification:Self Check returns either an affirmative response or any data mismatches found in DHS or SSA records Results Sample Sample Sample X Sample Mismatch Resolution:Users receive instructions on how to correct any data mismatches in SSA or DHS records

  10. Summary • DHS has embraced both the Public and Private Clouds • Reduce costs and time to deploy • Increase flexibility and responsiveness • Decrease carbon footprint • Decrease floor space • DHS is rolling out numerous Public and Private Cloud efforts • Need to apply sound security management practices to use Clouds safely and effectively

More Related