Identity and Access Management is a fundamental and critical cybersecurity capability and is at the core of many of the National Cybersecurity Center of Excellence’s (NCCoE’s) efforts to address businesses’ most pressing cybersecurity challenges.
In recognition of the second annual Identity Management Day, taking place on April 12, 2022, the NCCoE would like to shine a spotlight on a few of our identity management-related resources. Below are a few featured projects:
- Modernizing Identity and Access Management for the Public Safety Sector. The NCCoE, working in partnership with the Public Safety Communications Research Division at NIST, provides guidance in three critical areas of opportunity for public safety information sharing and identity and access management: biometrics, identity as a service, and identity federation.
- Mobile Application Single Sign On: This project describes how public safety organizations can implement single sign-on functions for public safety personnel, use identity federation to authenticate personnel across organization boundaries, and enable multi-factor authentication (MFA) with a high level of assurance.
- Multifactor Authentication for E-Commerce: This project demonstrates risk-based scenarios to trigger the use of multifactor authentication (MFA) to help reduce fraudulent online purchases.
- Identity and Access Management in the Energy Sector: The NCCoE developed an example solution that electric utilities can use to centrally manage access to the networked devices and facilities on which power generation, transmission, and distribution depend. The solution uses commercially available products to demonstrate a converged IdAM platform.
- Access Rights Management: An Access Rights Management system enables a company to give an employee, contractor, third party vendor, or visitor the right access to the right resources at the right time. Financial services sector organizations can benefit from the ability to centrally issue, validate, and modify or revoke access rights for an entire enterprise based on easy-to-understand sector and organizational requirements.
- Attribute Based Access Control: This project developed a reference design for an Attribute-Based Access Control (ABAC) system. ABAC is an advanced method for managing access rights for people and systems connecting to networks and assets, offering greater efficiency, flexibility, scalability, and security.
- Derived PIV Credentials: The project demonstrated a feasible security platform using federal PIV standards that leverages identity proofing and vetting results of current and valid PIV credentials to enable two-factor authentication via mobile devices while meeting policy guidelines. This project is relevant beyond Federal users to mobile device users in the commercial sector using smart card-based credentials or other means of authenticating identity and supports operations in federal (PIV), non-federal critical infrastructure (PIV-interoperable or PIV-I), and general business (PIV-compatible or PIV-C) environments.
Have a question? Want to get involved? Visit any of the project pages above to get involved in their respective Community of Interest (COI).
What is Identity Management Day?
Founded by the Identity Defined Security Alliance (IDSA) and supported by the National Cybersecurity Alliance (NCSA), the mission of Identity Management Day is to educate business leaders, IT decision makers and the public on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technologies, with a special focus on the dangers of not properly securing identities and access credentials.