A number of foundational technologies are essential to building a robust information sharing environment (ISE). One of these key technology areas is whole-of-government identity and access management because the threats to our nation transcend a single agency or department’s scope. Consistent whole-of-government identity and access management helps enable interoperability and security across the enterprise architectures built and maintained by agencies and departments. This in turn advances the missions of ISE partners in a more cost-efficient and effective way.
The PM-ISE has long been involved in the identity and access management technology space through our inputs with the Federal Identity, Credential, and Access Management Roadmap (FICAM), discussions with the Global Federated Identity and Privilege Management (GFIPM) framework, involvement with the National Strategy for Trusted Identities in Cyberspace (NSTIC), and other identity management efforts. In order to responsibility to share AND protect information, ISE mission partners must know who requests, accesses, and shares. To do this effectively, we need whole-of-government identity and access management.
PM-ISE is interested in industry views on whole-of-government identity and access management. What is industry seeing in requests from proposals and procurements? Where should PM-ISE concentrate its efforts over the next three to five years? Are there solutions currently deployed in the government that can be leveraged by the rest of the community?
Association for Enterprise Information (AFEI) is hosting a series of informal meetings over the next two months to help address these types of questions. These discussions will result in an “outbrief” from AFEI about the industry group’s thoughts and recommendations. This briefing will be helpful to PM-ISE as it plans an industry event later in the year. PM-ISE encourages industry input into “next steps” and solutions associated with whole-of-government data standards, messaging/SOA frameworks, and information security frameworks.