Protiviti serves as a trusted advisor and consultant in contracts spanning all phases of federal identity management (IdM) programs. We believe in leveraging our deep experience as the prime contractor for the General Services Administration (GSA) to help federal agencies across all technical, policy, governance, operations and business areas related to IdM:
- Design, Development, Operations, and Governance
- Standards Conformance and Physical Access Control Systems (PACS) Interoperability Testing for the IdM Community
- Standards Requirements and Technical Guidance
Protiviti supported several key portions of the original e-Authentication Initiative, and more recently, has been a lead contractor in unifying government-wide IdM objectives to ensure consistency and coordination under Homeland Security Presidential Directive 12 (HSPD-12) and many other federal Identity Credentialing and Access Management (ICAM) mandates.
Protiviti is instrumental in the advancement of ICAM through our work for the GSA and on other federal contracts. Our record of success includes breakthrough work in:
- Homeland Security Presidential Directive (HSPD)-12/PIV
- Personal Identity Verification Interoperable (PIV-I) for Non-Federal Issuers
- Federal Public Key Infrastructure (FPKI)
- Federal Identity Credential Access Management (FICAM) Roadmap and Implementation Guidance
- Trust Framework Provider (TFP) Assessments
- Identity Scheme Adoption and Profiles (ISAP)
Protiviti Contributions to Federal IdM Initiatives
Following are examples of Protiviti’s major contributions as a prime contractor for the GSA. We are currently:
- Operating the FPKI Certification Authorities on behalf of the GSA.
- Operating the ICAM Lab on behalf of the GSA.
- Working with the GSA and product vendors to implement the next-generation redesign ofwww.idmanagement.gov; this includes incorporating a robust content management system, collaboration capabilities, and acceptance of third-party credentials at Level of Assurance (LOA) 1 through LOA 4.
- Working on the design for the E-Gov Trusted Services Metadata Authority (EGTS MA).
- Working on the next version of the FPKI.
- Operating a PIV-I card test and approval capabilities in our ICAM Lab, following the development of the PIV-I Test Plan and test tools with the GSA.
In addition, Protiviti has worked with the GSA to:
- Design the Shared Component Architecture for issuing PIV Cards.
- Define PIV-I cards, through the Federal Identity Credentialing Committee (FICC); Protiviti is now working on the next version with the FPKI (see list of current work above).
- Develop the Backend Attribute Exchange (BAE) specifications.
- Develop the Enterprise Segment Architecture for IdM.
- Develop the Trust Framework Adoption Process, Identity Scheme Adoption Process, three ICAM SC Scheme Profiles, and reference implementations for Open Identity for Open Government.
- Design and implement the E-Gov Trust Services Certificate Authority (EGTS CA) to provide a governance infrastructure for BAE.
Standards Conformance and PACS Interoperability Testing for the IdM Community
Maintaining an effective laboratory environment is a fundamental prerequisite to performing physical access control systems (PACS) equipment testing. For more than eight years, Protiviti has been operating IdM labs on behalf of the GSA. The robust, stable lab environments we host have been used to test more than 70 agency programs, and dozens of commercial off-the-shelf (COTS) products, including PIV-I cards.
Since 2002, Protiviti also has performed comprehensive interoperability testing of PACS equipment and PIV cards in support of the GSA’s Approved Product List (APL) program.
Through work conducted at our Top Secret Clearance Facility, we have provided technical guidance on the implementation of a wide range of IdM technologies and architectures, including HSPD-12 Shared Component Architecture. This guidance, along with testing and interoperability lab services, has contributed to the success of the GSA’s HSPD-12 Managed Service Offering, PIV-Interoperable Smart Cards and Open Identity Solutions for Open Government.
Protiviti’s deep expertise in operating systems, computer hardware, virtual machines, firewalls and network architecture allows us to support the IT testing needs of any federal customer.
Standards Requirements and Technical Guidance
Overarching expertise in IdM guidelines supports Protiviti’s ability to reconcile various initiative requirements, guidelines and policies. Because our experts understand how these elements work together, we can identify inconsistencies, gaps and redundancies in guidance.
Protiviti directly contributes to the development and dissemination of security standards requirements through our contracts supporting the ICAM subcommittee of the Chief Information Officers (CIO) Council, and lead multiple ICAM working groups to promote understanding and adoption of standards requirements across federal agencies.
With demonstrated strong capabilities in information asset management (IAM) research and thought leadership, our IAM experts have led or been major contributors to key government-wide IdM guidance documents, including:
- Detailed Re-Design of the Federal Public Key Infrastructure Architecture (September 2009)
- The Realized Value of the Federal Public Key Infrastructure (FPKI) (January 2010)
- Security Assertion Markup Language (SAML) 2.0 Web Browser Single Sign-On (SSO) Profile, Version 1.0 (September 2010)
- Personal Identity Verification Interoperable (PIV-I) Test Plan (November 2010)
- Configuring a Common Policy Trust Anchor with Agency-Issued SSL Server Certificates, Version 1.0.1(January 2011)
- Federal Physical Access Control System (PACS) Guidance (June 2011)
- Backend Attribute Exchange (BAE) Governance Document, SAML 2.0 Profile, and SAML 2.0 Metadata Profile (August 2011)
- Use of Electronic Signatures in Federal Agency Transactions (November 2011)
- FPKI Concept of Operations (CONOPS) (January 2012)
- FPKI Community Incident Management Plan (January 2012)