Does That Cloud Look Like A Pig? Putting the Fed in Federation: Part II

Back in February, if you read our post on Putting the Fed in Federation: The U.S. Government as Early Adopter of the Identity Ecosystem and thought “when pigs fly,” you probably weren’t alone. But with the announcement that the United States Postal Service (USPS) has awarded SecureKey Technologies with a contract to stand up the Federal Cloud Credential Exchange (FCCX), you might just want to keep your eye on the horizon.

This award is another milestone in the implementation of the NSTIC, and means that the FCCX project can move into the pilot implementation phase. The Department of Veterans Affairs and the National Institute for Standards and Technology (NIST) will be participating. We expect that additional agencies will be announcing their participation over the next few months. Implementation is more than just the deployment of a technical hub-style federation solution though. The General Services Administration (GSA) has established a program management office to coordinate the integration between the cloud solution and Federal Identity, Credential & Access Management (FICAM) policy around approved identity providers, as well as to support continued agency engagement in building a governance framework and a successful business model. These components are key to enabling federal agencies to conserve resources through use of a shared service and to eliminate their paying the same firms to credential the same citizen multiple times – an area where government can drive significant cost savings, as evidenced by a recent NIST/IRS case study.  Moreover, we anticipate that progress in addressing the knotty areas of governance, liability and business models will facilitate maturation of the Identity Ecosystem.

FCCX’s value also lies in demonstrating that significant privacy risks can be managed through a combination of technical design and policy. If you had the opportunity to read the USPS RFP, you may have seen that one of the business requirements was that “[t]he FCCX service shall support the privacy requirements of anonymity, unlinkability and unobservability.” The vendor that was selected will be employing a proven, “double blind” architecture – a novel approach that will prevent tracking of credential use among identity providers and relying parties.  In simple terms, this means that private organizations that issue citizens credentials – and the agencies that accept them – will have no way to track where citizens use them.

In addition, the FCCX team will be working on the capability for identity providers to share needed attributes with federal agencies while limiting the attributes’ exposure within the hub through the development of privacy-enhancing cryptography in a commercially deployable protocol. Notwithstanding the number of NSTIC pilots exploring this latter subject – broad commercial deployment of privacy-enhancing cryptography remains elusive. The NSTIC NPO is in the planning stages to build a more coordinated platform to accelerate work in this area.

So stay tuned – there may be any number of pigs flying around in the coming months.

This entry was posted in Uncategorized. Bookmark the permalink.

One Response to Does That Cloud Look Like A Pig? Putting the Fed in Federation: Part II

  1. Jerry Kickenson says:

    The double blind architecture, as I understand it, is a broker that intermediates between relying parties and identity providers. This indeed supports anonymity to relying parties and can prevent linking by identity providers, but the broker still has the full view. Presumably there will be strong requirements on the broker with respect to its use and storage of this data.

    There are technical approaches to privacy using “private credentials”. These are offered and being piloted by IBM Identity Mixer (http://www.zurich.ibm.com/security/idemix/) and Microsoft U-Prove (http://research.microsoft.com/en-us/projects/u-prove/). Is anyone looking at these?

Leave a Reply

Your email address will not be published. Required fields are marked *

*