Capabilities Overview:
PUBLIC SERVICES

ENHANCING IDENTITY MANAGEMENT SYSTEMS TO COMPLY WITH FIPS 201 AND HSPD-12

SECURITY AND IDENTITY MANAGEMENT SOLUTIONS

BearingPoint provides government agencies with tools and services to:
· Conduct feasibility analysis and compliance assessment of existing
  identity management or credentialing systems.
· Develop a successful migration plan to meet the requirements of
  HSPD-12, FIPS 201 and other related Special Publications.
· Implement a robust, scalable credentialing solution based on the
  smart card.

Homeland Security Presidential Directive 12 (HSPD-12), issued from the
White House on August 27, 2004, presents certain guidelines for improving
secure identification processes for federal employees and contractors.
Historically, federal agencies have not had any substantial standards or
guidelines to follow when setting up physical or logical (cyber) access
control systems for entry into a government facility or network.

To help agencies meet the goals of HSPD-12, the U.S. Department of
Commerce published guidelines on what standards and methods should be
used to reach compliance. These are listed in the Federal Information
Processing Standards Publication 201: Personal Identity Verification
(PIV) of Federal Employees and Contractors (FIPS 201). FIPS 201 divides
the compliance processes into two parts: policy goals (PIV I) and
technical goals (PIV II). Agencies are required to be in compliance with
PIV I by October 27, 2005, whereas the technical goals must be met by
October 2006. All federal agencies must be compliant by these dates,
which in many cases will require extensive retooling of existing systems
and processes.

At BearingPoint, we leverage the specific capabilities of our Security
and Identity Management solutions, along with our vast experience in
providing solutions to complex government credentialing issues--such as
network and perimeter security, smart card specifications, and identity
vetting and proofing--to help you develop robust user credentials and
meet security and identity requirements as outlined by FIPS 201 and
HSPD-12.

Our methodology begins with a full feasibility analysis of implementing
smart card technology, including assessing your existing system design,
process flows, privacy concerns and risk factors, conducting a gap
analysis and cost/benefit analysis, and evaluating core technology and
migration
planning efforts. BearingPoint can also help your agency implement a
compliant system.

Once agencies comply with FIPS 201 requirements, a common identity
proofing process and credentialing system will be available across the
U.S. government, enhancing security while providing convenience to
federal employees and contractors.

DEVELOPING A SUCCESSFUL MIGRATION PLAN

Based on significant experience in successfully designing, developing and
implementing credentialing solutions for large federal agencies,
BearingPoint is qualified to help you meet the requirements of HSPD-12
and its accompanying standards.

One objective of HSPD-12 is to strengthen the identity proofing process
by securely binding a cardholder's information to a card and encouraging
interoperability between cards across the federal government. The
underlying intent of HSPD-12 is to enhance the security and
interoperability of governmentwide credentialing systems and not to
introduce a completely new credentialing process. Therefore, all agencies
will have different migration paths to FIPS 201 compliance. To accomplish
a successful migration, BearingPoint's experienced professionals will
work with you to evaluate your current systems, determine which FIPS 201
technical and operational requirements need to be met, and create an
efficient migration plan to satisfy those requirements.

BearingPoint's team of identity management professionals will not only
design and implement a credentialing system that meets your agency's
specific needs but will develop the critical policy and technical
processes to help you comply with FIPS 201.

Given the ambitious implementation schedule, you will need to quickly
assess how to satisfy the FIPS 201 requirements and deploy a sound plan
that will integrate the same specifications. By leveraging our extensive
experience and knowledge of large federal credentialing projects such as
the Department of Defense's (DoD) Common Access Card, the Department of
Homeland Security's Transportation Worker Identification Credential, the
General Services Administration Credential, and our position as a prime
contractor on the
government's Smart Access ID Card contract, BearingPoint can help you
through this process.

A WELL-ESTABLISHED RECORD OF FEDERAL CREDENTIALING EXPERIENCE

Our experienced professionals have a solid record of working with
government agencies on credentialing and identity management issues.
These include the following projects:

FIPS 201 Assessment Tool

BearingPoint has developed and deployed a PIV assessment tool for federal
agencies. This tool was developed to identify how well an agency's card
issuance system meets the standards set forth in FIPS 201. The assessment
provides a foundation for a gap analysis because the tool breaks the
requirements into logical areas and scores each area, identifying the
deficiencies of the system or processes. BearingPoint used the gap
analysis assessment tool to help TSA develop an end-to-end system while
keeping in mind the requirements of FIPS 201 and supporting technical
documents.

In addition, the method for determining a program's compliance level
takes into account varying degrees of procedural deployment. Once each
standard has been analyzed as to its level of compliance, the results are
broken out into functional areas that aid in the gap analysis. Using the
PIV assessment tool, a gap analysis has been completed for the General
Services Administration's card issuance program and is used in
conjunction with the DoD's Common Access Card migration program.

Identity Management Handbook

BearingPoint worked closely with the Federal Identification Credentialing
Committee, the Interagency Advisory Board and several other agencies to
define, develop and publish the federal government's Identity Management
Handbook. This manual provides practical implementation guidance to
federal agencies seeking compliance with HSPD-12. To develop the
handbook, BearingPoint actively participated in federal policy and
technical working groups to evaluate and define credentialing issues such
as building security, network security, card specifications and identity
assurance.
The handbook features the following topics, all of which address the
FIPS 201 requirements:
· Identity proofing and registration
· Issuance and maintenance
· Privacy
· Card life cycle
· Certification and accreditation
· Card requirements
· Logical access control
· Physical access control
· Biometric specifications
· Card reader specifications
· Card authentication
· Acquisition planning
· Migration planning
· Lessons learned/case studies
· Conformance testing
· Reference implementation

TWIC Program

BearingPoint was chosen by the Department of Homeland Security's
Transportation Security Administration (TSA) to develop and implement a
prototype system for the Transportation Worker Identification Credential
(TWIC) program. The program's objectives are to improve security, enhance
commerce and protect personal privacy information by developing a
uniform, nationwide credential for transportation workers. TSA purposely
made its system requirements align with HSPD-12, FIPS 201 and other
associated documents. BearingPoint used the gap analysis assessment tool
to help TSA develop an end-to-end system while keeping in mind the
requirements of FIPS 201 and supporting technical documents.

The TWIC prototype is supported by a technical solution that is scalable,
secure and based on open commercial off-the-shelf (COTS) products. The
components are interoperable, modular and nonproprietary, giving TSA
flexibility while ensuring that the solution does not lock the agency
into a single product design. The integrated solution architecture allows
workers and their employers to initiate the enrollment process by giving
them access to Web-based interfaces on the Internet. The worker's
identity is authenticated using biometrics, background checks and
identity proofing documents. The enrollment portal is secure, protects
users' privacy rights, reduces the requirement for redundant credentials
and background checks, and lowers TSA's administration costs.

BRINGING VALUE TO FEDERAL AGENCIES

By working with BearingPoint, you can take advantage of our knowledgeable
professionals who assisted the GSA in authoring the HSPD-12
implementation guide and design an integration project that complies with
government standards and specifications.

Specifically, BearingPoint offers your agency the following services:
· Fundamental understanding of the HSPD-12 and FIPS 201 directives
· Gap analysis that can create a strong foundation for a migration
  program toward PIV I and PIV II compliance
· Methodology and experience that can support rapid and accurate
  credentialing business and technical decisions to meet the FIPS 201
  implementation schedule
· Ability to deliver a smart card solution that is reliable, robust,
  standards-compliant and highly scalable
· Ability to deploy a COTS-based system that integrates multifactor
  authentication mechanisms, including smart cards, biometrics, public
  key infrastructures and personal identification numbers

Your agency will face a host of people, process and technology challenges
as you work toward complying with the identification mandates required by
HSPD-12 and FIPS 201. BearingPoint can help you develop a strategic plan
and manage the change in your organization as you implement vital new
policies and procedures to develop a more efficient and secure
identification system.

BUSINESS AND SYSTEMS ALIGNED. BUSINESS EMPOWERED.

BearingPoint is a leading global business advisor, systems integrator and
managed services provider. Our experienced professionals help
organizations around the world set direction to reach their goals and
create enterprise value. By aligning their business processes and
information systems, we empower our clients with the right business
solutions to gain competitive leadership advantage--delivering results in
an accelerated time frame. To learn more, contact us at 1.866.BRNGPNT
(+1.703.747.6748 from outside the United States and Canada) or visit our
Web site at www.bearingpoint.com.

BearingPoint | 1676 International Drive | McLean, VA 22102 | 1.866.BRNGPNT | www.bearingpoint.com
© 2005 BearingPoint, Inc. All rights reserved. Printed in the United States. C3366-1005-01-USRD626