 |
Identity, Credential and Access Management (ICAM)
In September 2008, the Federal CIO Council established the
Information Security & Identity Management Committee. The ISIMC, as it is commonly called, was charged with
overseeing the government-wide activities related to Cybersecurity and Identity Management. In turn, the ISIMC
established four subcommittees. The Identity, Credential and Access Management Subcommittee, often referred to as
ICAM is co-chaired by GSA and DoD and is tasked with aligning the Identity Management activities of government,
while the remaining three deal with the cybersecurity taskings. There are six working groups associated with the
ICAM.
- Federal PKI Policy Authority - administers the policies of Federal PKI
- Roadmap Development Team - review team for the development and content of the ICAM Roadmap and Implementation Guidance
- Architecture Working Group - develop the new ICAM technical architecture
- Citizen Outreach Focus Group - to make recommendation concerning solution sets for government-to-citizen interaction
- Federation Interoperability Working Group - determine business drivers and terms of engagement for inter-organizational trust
- Logical Access Working Group - developing guidance/best practices to assist agencies in implementing log on/authentication capabilities using PIV cards
ICAM Mission: Fostering effective government-wide identity and access management, enabling trust in online
transactions through common identity and access management policies and approaches, aligning federal agencies
around common identity and access management practices, reducing the identity and access management burden for
individual agencies by fostering common interoperable approaches, ensuring alignment across all identity and access
management activities that cross individual agency boundaries, and collaborating with external identity management
activities through inter-federation to enhance interoperability.
The Federal ICAM segment architecture provides Federal agencies with a consistent approach for managing the vetting
and credentialing of individuals requiring access to Federal information systems and facilities. The ICAM segment
architecture will serve as an important tool for providing awareness to external mission partners and drive the development and
implementation of interoperable solutions.
Enabling Policy and Guidance represents a sampling of the policies, mandates and standards work that has advanced the cause of good
identity management for electronic transactions over the past ten years.
M-04-04 "E-Authentication Guidance
for Federal Agencies" provided the basis for trusted transactions across all four sectors of government while HSPD-12 and
FIPS 201
provided a standard or common identity standard for the Federal government. OMB Guidance M-04-04 establishes four
authentication assurance levels. NIST Special
Publication 800-63 "Electronic Authentication Guideline" supplements OMB Guidance M-04-04.
Page Last Updated: August 26, 2009
|
|
| |
|
|
|
|
| |
|
Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance dated November 10, 2009 -
Click
here to view this document that provides agencies with architecture and implementation guidance that addresses existing
ICAM concerns and issues
|
|
|
| |
|
|
|
|
| |
|
Identity, Credential, and Access Management (ICAM) Roadmap Snapshot -
Click
here to view a snapshot that describes the core components of ICAM, provides a description of the Roadmap, lists five
strategic goals and their related objectives, as well as the value proposition of the ICAM segment architecture
|
|
|
| |
|
|
|
|
| |
|
Federal ICAM Trust Framework Provider Adoption Process for Levels of Assurance 1, 2, and Non-PKI 3 dated September 4, 2009 -
Click
here to view this document that defines a process whereby the government can assess the Trust Frameworks for federal purposes
|
|
|
| |
|
|
|
|
|
