Ad Image

Federated Identity Management Builds a “Network of Trust” for Homeland Security

Federated Identity Management Builds a Network of Trust for Homeland Security

Federated Identity Management Builds a Network of Trust for Homeland SecurityJason Miller covers civilian agencies in the federal government with a focus on technology and acquisition. He is also an executive editor at Federal News Radio. In a recent compelling article, Mr. Miller writes about the practical applications of federated identity management in the implementation of the Homeland Security Information Network (HSIN) – the trusted network for homeland security mission operations to share Sensitive But Unclassified information. According to the Department of Homeland Security (DHS), “Federal, state, local, tribal, territorial, international and private sector homeland security partners use HSIN to manage operations, analyze data, send alerts and notices, and in general, share the information they need to do their jobs.”

Mr. Miller believes, “Across the government, the homeland security agencies are a few steps ahead of most others when it comes to implementing identity management interoperability standards. The Justice Department, for example, sponsors identity management standards that let all levels of government exchange law enforcement data.”

Quoting Donna Roy, the executive director of DHS’ Information Sharing Environment Office and the program director for DHS’ Homeland Security Information Network and the National Information Exchange Model, the article explains how “DHS already is heading down a role-based identity management path for its employees and contractors.”

From Ms. Roy, “We are also working in the department on implementing a really rigorous, what I call, the information sharing and access policy framework. A way to codify what I know about the identity of a person who needs to access a DHS system or other systems for which we steward,” she said. “Everything I need to know about the data and how we need to protect the data, and then this other small piece called authorized purpose, which really codifies how we are charged to protect that data given the systems of records notices, privacy impact assessments and framework for that. I think we are putting in place some advanced interoperability standards.”

The full article and more of Mr. Miller’s work can be found here:

Share This

Related Posts