Good suggestion from Dee about adding the key management
language.
__________________________________
John T. Sabo, CISSP
Director, Global Government Relations
CA, Inc.
Suite 1220
1401 I Street NW
Washington DC 20005
Tel: +1 202-513-6304
Mobile: +1 443-629-6198
Fax: +1 202-513-6395
------------------------------------
This e-mail message is for the sole use of the intended
recipient(s) and may contain confidential and/or privileged information. Any
unauthorized review, use, disclosure or distribution is prohibited. If you are
not the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message.
What about adding to topics:
Where are my keys? Large public/private enterprises consume/create
enormous amounts of encrypted keys. What is the future of key discovery,
maintenance and interoperability?
Hello
Everyone – thanks for all the comments. The final version is attach
and set to go out tomorrow J
Identity
Management 2009
Transparent
Government - Risk, Rewards and Repercussions
****
Potential
Audience
Chief
Information Security Officer (CISO/CSO) - Security Executive CIO/CTO - Info
Systems/Technology Executive Chief Compliance Officer/Risk/Privacy Officer
Security Director/Manager/Consultant IT Director/Manager/Consultant
Compliance/Risk/Privacy Director/Manager/Consultant Security Staff IT Staff
Architect Legal Advisor IT Auditor
*****
Barack Obama has directed the U.S. National Security
Council and Homeland Security Council "to defend our information and
communications infrastructure, strengthen public/private partnerships, invest in
cutting edge research and development and to begin a national campaign to
promote cyber-security awareness and digital literacy." The U.S. federal
government aims to accomplish all of this while becoming increasingly open and
transparent.
President
Obama also vowed not to dictate security standards to private companies and not
to monitor private sector networks or Internet traffic, promising to
"preserve and protect personal privacy and civil liberties."
HOW
DO WE BALANCE OPEN ACCESS, TRANSPARENCY AND ACCOUNTABILITY WITH SECURITY AND
PRIVACY?
As
national and international governments endeavor to manage citizen's identities
while providing open, transparent and trusted services, the challenges of
managing identities and access to information on such huge scales require
careful planning, a strong policy focus, and attention to standards and
interoperability.
Topics
addressed include, but are not limited to:
1. Information Cards/OpenID/SAML.
How can these standards enable more secure access to sensitive and personal
information across government agencies and with third party-sites supporting
government operations?
2.
Social Media. What are the security risks to agencies that plan to use and
support these new, publicly available, previously unimaginable technologies and
services?
3.
Authentication. Can federated digital identity web platforms completely
eliminate the need for multiple usernames and accounts for different agency
portals?
4. Smart Cards. Many national
economic stimulus systems and applications will require multi-factor
authentication including smart cards – how are government agencies using
this technology?
5.
Citizen Privacy. What privacy protections are possible in federated systems?
6.
Citizen Trust. Can citizens really be trusted to manage their own identity
attributes?
7.
Cloud Computing. How do we balance its benefits while managing identity risks?