*subject to change
Tuesday, 29 September | Identity Management Program (Day 1)
|8:30||Coffee & Registratio in the Green Auditorium Foyer|
|9:00||OASIS KMIP TECHNICAL COMMITTEE MEETING, Lecture Room D
*Open to TC members only ~ contact Dee Schur to join
OPENING REMARKS: SETTING THE STAGE
USE OF OPEN IDENTITY TECHNOLOGIES IN GOVERNMENT
Session Chair: Mary Ruddy, Founder, Meristic, Inc.
User-Driven Initiatives Roundtable
User driven identity standards such as Information Cards can help increase government transparency and public involvement, while reducing costs. Enabling government websites to have secure, privacy protected transactions with users requires new approaches to identity. Come hear how a growing community is leveraging open identity standards such as Information Cards and OpenIDs to enable more transparent government.
|11:15||Coffee Break in the Green Auditorium Foyer|
KEYNOTE SESSION: Addressing Privacy, Trust, and Accountability
Ari Schwartz, Vice President and CPO of the Center for Democracy and Technology will respond to Callahan's remarks and provide a viewpoint of the expectations of privacy advocates, the press and Congress as authentication solutions are developed.
||OASIS KMIP TECHNICAL COMMITTEE MEETING ENDS
Open federation identity systems provide unique usability and security challenges, due to the broad user base and the lack of formal business relationships between identity providers and consumers. On October 2008, Google enabled every Google Account user for OpenID use, taking an innovative approach to the user experience and to the security of OpenID identifiers. In this presentation, the speaker will describe security considerations about the OpenID protocol, and also how usability considerations can inform communication of privacy choices to users.
This presentation will discuss an XACML US export control profile that contains a list of standard attributes used in making export control authorization decisions. The profile attributes are based on the Export Administration Regulations from the U.S. Department of Commerce and the International Traffic in Arms Regulations from the U.S. Department of State. In addition, the speaker will discuss another XACML profile for intellectual property controls, which is based on an international understanding of intellectual property laws and protection schemes. This work is currently being developed as an OASIS Open Document Format for Office Applications metadata specification that contains elements that correspond to the XACML profiles mentioned above. The goal is to ultimately provide a comprehensive approach to making export and intellectual property authorization decisions using OASIS open standards.
||IMPLEMENTATION CONSIDERATIONS CONTINUES
Session Chair: June Leung, Chair, OASIS IDtrust Member Section
FIPS 201 defines a government-wide interoperable identification credential for controlling physical access to federal facilities and logical access to federal information systems. The FIPS 201 credential, known as the Personal Identity Verification (PIV) Card, supports PIV Cardholder authentication using information securely stored on the PIV Card. But additional off-card information is often needed to enable physical access to facilities and logical access to information systems. This presentation describes a SAML V2.0 deployment profile and reference implementation, jointly developed by of Homeland Security (DHS) and the Department of Defense (DOD) and submitted to the Federal CIO Council ICAMSC, that specifies how a principal who has been issued a PIV Card is represented as a SAML Subject and how this off-card information (identity and authority based attributes) can be exchanged in an interoperable and secure manner across the Federal Government.
||Break in the Green Auditorium Foyer|
MANAGING SOCIAL MEDIA
Use of social networking tools and applications to improve information sharing and collaboration will transform how organizations think about, and manage, identities. Profiles, social graphs, and activity streams enable employees to construct their own social identities across internal and external constituencies. Participation in social networks and community contributions enable employees to establish their own social roles and reputations. This session will examine the benefits, risks, and implications of more open collaboration and transparent knowledge sharing on identity management strategies.
|5:35||Conference Adjourns for the Day
|6:00||Cocktail Reception at the Marriott Hotel, shuttle service available|