Identity Management Topics

Identity management for the federal government is complex, so we’ve provided brief definitions of various topics that you’ll find on this website, as well as explanations of the programs we manage and support.

Approved Products List

Products and services related to FICAM implementation that have been tested and approved through the FIPS 201 Evaluation Program for use by the Federal government.

Access Control and Attribute Governance Working Group (ACAGWG)

Supports guidance and standards development for a common language and understanding of access control attributes across the Federal government.

Certification Authority (CA)

An authority trusted by one or more users to issue and manage X.509 public key certificates and Certificate Revocation Lists (CRL).

Certificate Policies (CP)

Defines assurance levels asserted in a Certificate. The associated Certification Practice Statements (CPS) document operational practices that ensure trusted operations.

Controlled Unclassified Information (CUI)

Official information that has not been approved for public release and requires the application of controls and protective measures.

Electronic Signatures

Links to the document “Use of Electronic Signatures in Federal Organization Transactions” (PDF, January 2013).
This document was a combined effort of the General Services Administration (GSA) and the Federal Chief Information Officers (CIO) Council at the request of the Office of Management and Budget (OMB). It provides general guidance for federal organizations regarding the use of electronic signatures in connection with electronic records and electronic transactions.

Federal Bridge Certification Authority (FBCA)

Federal Bridge Certification Authority (also known as “The Federal Bridge”) links together existing trust infrastructures and provides cross-certification amongst trust domain Public Key Infrastructures (PKIs).

Federal PKI Common Policy Framework (FCPCA)

Determines the minimum requirements for issuance of PKI credentials to Federal employees.

Federal Identity, Credential, and Access Management (FICAM)

The Federal government’s implementation of Identity, Credential, and Access Management (ICAM). The FICAM Program coordinates the implementation of security disciplines that help civilian federal agencies manage, monitor and secure access to protected electronic and physical resources.

Federal Information Processing Standard 201 Evaluation Program (FIPS 201)

Provides testing and certification of services for commercial products used in physical and logical access control systems.

Federal Information Security Management Act of 2002 (FISMA)

Legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats.

Federal Public Key Infrastructure (FPKI)

Provides the government with a common infrastructure to administer digital certificates and public-private key pairs, including the ability to issue, maintain and revoke public key certificates.

Federal Public Key Infrastructure Policy Authority (FPKIPA)

The Federal Trust Framework governance body for Public Key Infrastructure (PKI) credentials. Sets policy governing the FPKI Trust Infrastructure. Approves applicants for cross certification with the FBCA, including PIV-I issuers. Oversees the Certified PKI SSP Program.

Federal Public Key Infrastructure Management Authority (FPKIMA)

Governed under the FPKIPA, the FPKIMA provides trust infrastructure services to agencies.

FICAM Architecture

An enterprise architecture that is a conceptual blueprint defining what an organization is and does. This “blueprint” defines best practices for an organization to design, plan, and execute a strategy.

GSA Document Signing Tool

The GSA Document Signing Tool v2.0.0 is a free tool agencies can use to digitally sign their documents in a format accepted by the Office of the Federal Register Web Portal. The tool and all associated source code are available on GitHub as open source for any agency or public use.

Homeland Security Presidential Directive 12 (HSPD-12)

Legislation that defined the Personal Identity Verification (PIV) credential as the standard credential for federal employees and contractors to gain access to federal information systems and federally controlled facilities.

Identity, Credential, and Access Management (ICAM)

Security disciplines that enable the right individual to access the right resource, at the right time, for the right reason. ICAM comprises the tools, policies and systems that allow an organization to manage, monitor and secure access to protected resources. This includes electronic files, computer systems, or physical resources such as server rooms and buildings. ICAM creates trusted digital identities, binds those identities to credentials and leverages the credentials to provide authorized access to an agency’s resources.

Identity Provider

The source to validate user identity in a federated identity system.

Independent Compliance Audits

Used by the Federal Public Key Infrastructure Policy Authority (FPKIPA) to ensure that Federal Public Key Infrastructures (PKIs) conform to appropriate requirements.

Logical Access Control System (LACS)

An automated system which controls an individual’s ability to access a computer system such as a workstation, network or application. It requires identity validation through a PIN, card, biometric or other token and can assign different access privileges based on roles and responsibilities.

Office of Government-wide Policy (OGP)

An office within the General Services Administration (GSA) that oversees technology policy.

Origin Network for Identity Exchange (ONIX)

A series of projects created to deploy multiple Identity Attribute Brokers (AB), Attribute Metadata Service (AMS) and Attribute Registry Service (ARS) across all federal agencies.

Performance Accountability Council (PAC)

A council responsible to the President for driving implementation of the Security and Suitability Reform Effort.

Physical Access Control System (PACS)

An automated system that manages the passage of people or assets through an opening(s) in a secure perimeter(s) based on a set of authorization rules (e.g., allows access to federally-controlled buildings).

Personally Identifiable Information (PII)

Any data that could potentially identify a specific individual or be used to distinguish one person from another.

Personal Identity Verification (PIV) Credential

The PIV credential is an ID card issued to all employees and contractors employed by the Federal government for more than six months. PIV credentials are only issued after individuals successfully complete a background investigation. They allow physical access to federal facilities and logical access to government computers and systems.

Public Trust Information

Information provided by the Federal Public Key Infrastructure Management Authority (FPKIMA) to verify that Certification Authorities (CA) operate in compliance with relevant Certificate Policies (CP).

Removed Products List (RPL)

Products and services that were on the Approved Products List (APL), but have been removed.

Trust Framework Solutions (TFS)

Governance of NIST SP 800-63 trust criteria, which confirms that identity services comply with federal standards. Industry collaboration to certify and approve third-party online identity proofing and authentication services for government use.

Trust Services

Trust Services enable government systems to leverage third party identity verification systems to meet specific identity and authentication needs.

If you have questions or can’t find what you’re looking for, please email us and we’ll do our best to help!
Page Reviewed/Updated: Nov. 9, 2017