Update on GFIPM Activity Threads at Team Meeting

Updates on various GFIPM activity threads discussed at the November 2011 team meeting. Topics include NCSC/GBI XACML sample implementation, privacy policy framework, interoperability pilot, and more. The content delves into funded projects, prototype architectures, final reports, and implementer guides related to the GFIPM initiative.

  • GFIPM
  • Activity Threads
  • Team Meeting
  • Implementation
  • Privacy Policy

Uploaded on Feb 27, 2025

Presentation Transcript


  1. Status Update on Other GFIPM Activity Threads. GFIPM Delivery Team Meeting, November 2011

  2. Other GFIPM Activity Threads
       • NCSC/GBI XACML Sample Implementation
       • Privacy Policy Framework Implementer Guide
       • GFIPM/BAE Interoperability Pilot
       • SAML Holder-of-Key Profile Implementation
       • CONNECT Consortium Update (Rob Kribs)

  3. NCSC/GBI XACML Sample Implementation: Status Update

  4. NCSC/GBI XACML Sample Implementation
       • Funded via BJA grant to NCSC
       • Period of Performance: Mid 2010 to EOY 2011
       • Goal: Demonstrate the use of an externalized access control mechanism with an existing law enforcement info sharing system
           • Integrate XACML with GBI JIMnet test instance
           • Implement info sharing policies from GBI Directive 7-6
       • Work Products:
           • GBI rules expressed in XACML
           • Identification of potential new GFIPM attributes
           • XACML-enablement prototype of GBI JIMnet
           • Also conformant to GFIPM web services spec

  5. JIMnet Architecture

  6. Prototype Architecture with XACML and GFIPM Web Services

  7. NCSC/GBI Project Final Report
       • Draft submitted to NCSC on 11/1
       • Final draft to be complete by EOY 2011

  8. Privacy Policy Framework Implementer Guide: Status Update

  9. Privacy Policy Framework Implementer Guide
       • Funded via BJA grant to NCSC
       • Period of Performance: Late 2011 to Mid 2012
       • Follow-on to GBI XACML implementation work
       • Goal: Develop an implementer guide/tutorial for implementing a XACML-based authorization/privacy framework
       • Will include implementation exercises, sample code/solutions, etc.
       • Currently in early phase

  10. Privacy Policy Framework Implementer Guide TOC

  11. GFIPM/BAE Interoperability Pilot: Status Update

  12. HSPD-12 Back-End Attribute Exchange
       • Supports operation of PIV and PIV-I cards
       • Personal ID card with embedded crypto token
       • Delivers additional attributes not on cards
       • Protocol spec and system implementation
       • Uses SAML 2.0 Attribute Query Profile
       • Technical support provided by JHUAPL
       • BAE defines ~35 data attributes about users
       • Already reconciled with GFIPM Metadata 2.0

  13. GFIPM/BAE Interoperability Pilot
       • Pilot project initiated in mid-2010
       • Use Case: BAE user accesses GFIPM resource
           1. BAE user authenticates to GFIPM IDP (TIB)
           2. GFIPM IDP collects BAE user attributes
              (This is the primary GFIPM/BAE integration point)
           3. GFIPM IDP translates BAE attrs to GFIPM attrs
              (Mapping from BAE to GFIPM attrs already exists)
           4. GFIPM IDP sends SAML assertion to GFIPM SP
           5. BAE user accesses GFIPM resource

  14. Proposed GFIPM/BAE Use Case [diagram; labelled components: User with PIV or PIV-I Card; Trusted Identity Broker; XML Security Gateway (BAE); Virtual/Meta Directory; Authoritative Attribute Sources 1, 2 and 3; State & Local Agency Attribute Service; GFIPM Relying Party (two shown)]

  15. GFIPM/BAE Pilot Status
       • Held initial technical discussions with JHUAPL
       • GTRI is prototyping the GFIPM components
       • Will connect to existing BAE test-bed
       • BAE client-side software does not exist
       • Must perform SAML attr query over web svcs
       • GTRI will develop it using GFIPM WS sample code
       • Timeline is TBD
       • Gated in 2011 due to GFIPM WS development
       • Sought funding in 2010; not a high priority then

  16. SAML Holder-of-Key (HoK) Profile Implementation: Status Update

  17. SAML Holder-of-Key (HoK) Profile
       • Extension to the core SAML spec
       • OASIS Committee Specification (not ratified yet)
       • No implementations available yet
       • Enables NIST level of assurance 4 (LOA-4)
       • LOA-4 requires direct authentication with RP
       • Traditional SAML provides assertion only
       • SAML HoK provides hybrid direct authn/assertion
       • Plan: Seek funding to extend Shibboleth w/ HoK
       • Most groups using SAML don't need LOA-4 authentication
       • Justice community requires it for some data exchanges
       • Current Status: on hold pending demand/funding
