Identity Management Roadmap and Maturity Levels

October 29, 2020


Roadmap: Overview

| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven business systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Provisioning | Complete Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Authentication | Single-Sign-On and Centralized Sign-On | SSO w/ Strong Authentication | Service-Oriented Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |

Time/Maturity →


Measuring Our Status: Fulfillment at Different Levels

| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven business systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Provisioning | Complete Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Authentication | Single-Sign-On and Centralized Sign-On | SSO w/ Strong Authentication | Service-Oriented Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |

Time/Maturity→

Legend: Completely Implemented, Partially Implemented, Not Implemented


Defining Next Steps: Target Work Areas

| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven business systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Provisioning | Complete Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Authentication | Single-Sign-On and Centralized Sign-On | SSO w/ Strong Authentication | Service-Oriented Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |

Time/Maturity→

Legend: Completely Implemented, Not Planned, Short-Term Targeted, Long-Term Planned


M-19-17 Maturity

Areas | I: Contextualizing Identity in the Federal Government | III: Adapting the Government’s Approach to Homeland Security | IV: Shifting the Operating Model beyond the Perimeter | V: Improving Digital Interactions with the American Public

Identity Green

Credential Green

Policy Red

Additional Authenticators Green

Deprovisioning Green

Access and Yellow

Federation Green Green

Legend: Exists, Partial, GAP

M-19-17 Maturity Cont’d

Areas | I: Contextualizing Identity in the Federal Government | III: Adapting the Government’s Approach to Homeland Security | IV: Shifting the Operating Model beyond the Perimeter | V: Improving Digital Interactions with the American Public

Interoperability Red

Risk Mitigation Green

Digital Signature Green

Governance Green

Architecture Green

Acquisition Green

Compliance Green

Legend: Exists, Partial, GAP
