by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : August 15, 2013
August 15, 2013 FCW.COM 21 Count identity management among the IT functions moving to the cloud. Traditionally, the task of managing users digital identities has involved maintaining an on-premise identity management system. The system enrolls users, manages information about their identities and keeps track of what resources they are authorized to access. It authenticates users by prompting them to provide credentials, such as a username and password or smart card. Once that information is veri ed, the system authorizes the user to access certain resources in accordance with the user s identity and role in the organization. Homeland Security Presidential Directive 12, which established the per- sonal identity veri cation (PIV) card as a standard federal employee credential, has spawned numerous identity man- agement systems at federal agencies. Although in-house systems are still the norm, agencies have begun to explore cloud-based identity manage- ment. The Federal Cloud Credential Exchange, the rst major test of the cloud approach, focuses on citizen access to agency resources and aims to provide an authentication service that spans all agencies. It will let people use third-party credentials to access mul- tiple federal resources online, thereby freeing agencies from maintaining their own systems for authenticating users. Naomi Lefkovitz, senior privacy pol- icy adviser at the National Institute of Standards and Technology, said FCCX will help agencies avoid the expense of credentialing the same person multiple times, which also makes life easier for the user. "Those are really the ef ciencies --- and the good customer experience --- we are looking for," said Lefkovitz, who co-led the FCCX Tiger Team that iden- ti ed the cloud system s requirements and technical architecture. Cloud-based identity management could also be a boon for agencies that operate shared services and need to authenticate employees from multiple government organizations. The Inte- rior Department, for example, issued a request for information earlier this year regarding a software-as-a-service (SaaS) identity management solution. The department s Interior Business Center, which provides human resourc- es applications to some 40 agencies, would use the system to help its cus- tomers access those applications. Agencies attracted to cloud-based identity management could avail them- selves of commercially available SaaS identity management products from vendors such as CA Technologies, Centrify, Okta and Ping Identity. The bene ts of moving identity man- agement to the cloud include speed of deployment, fewer maintenance needs, reduced costs and simpli ed upgrades, BY JOHN MOORE NAGEMENT THE CLOUD said Philip Kenney, CA Technologies senior director for security. Testing the waters with public users FCCX could emerge as the most vis- ible manifestation of cloud-based iden- tity management in government. The project is an outgrowth of the White House s National Strategy for Trusted Identities in Cyberspace (NSTIC). That initiative, launched in 2011, seeks to create an identity ecosystem that would let individuals tap private or public identity providers for trusted credentials, which could be used to log into multiple resources. Today, people typically must create accounts with each agency s identity management system. This approach "creates a burden to the citizen to manage a username and password for each agency application they need to access --- as well as a costly burden on each agency to issue and manage these usernames and passwords," the FCCX solicitation states. FCCX will rely on third-party cre- dentials, particularly those issued by identity providers certi ed by the Fed- eral Identity, Credential and Access Management initiative. Accredited providers include Citibank, Google, Symantec and Verizon. Lefkovitz offered this example of how FCCX would work: Someone who wanted to check his or her Social Secu- rity Administration bene ts would visit
July 30, 2013
August 30, 2013