Identity Management Roadmap and Maturity Levels
October 29, 2020
Roadmap: Overview
| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven Business Systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Complete Provisioning | Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Single-Sign-On and Authentication | Service-Oriented Centralized Sign-On | SSO w/ Strong Authentication | Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |
Time/Maturity →
Measuring Our Status: Fulfillment at Different Levels
| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven Business Systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Complete Provisioning | Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Single-Sign-On and Authentication | Service-Oriented Centralized Sign-On | SSO w/ Strong Authentication | Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |

Time/Maturity →

Legend: Completely Implemented | Partially Implemented | Not Implemented
Defining Next Steps: Target Work Areas
| Areas | Level 1: Basic Identity Management | Level 2: Advanced Identity Management | Level 3: Service-Oriented Identity Management | Level 4: Business-Driven Identity Management |
| --- | --- | --- | --- | --- |
| Trusted Identity | Establishing Identity Quality | Establishing a Central ID Concept | Separating ID Storage from Applications and Systems | Integrating ID-Driven Business Systems |
| Provisioning and Role Management | Basic Provisioning Process | Role-Based Complete Provisioning | Enhanced Role and Entitlement Management | Business Role-Driven; Business Service-Driven |
| Single-Sign-On and Authentication | Service-Oriented Centralized Sign-On | SSO w/ Strong Authentication | Defined Authentication Services | SSO for All Types of Users |
| Access and Federation Management | Basic Web Access Management | Decentralized Access Integration | Centralized Federation Services | Integrated Access Management |
| Auditing, Policies and Compliance | System Level Auditing | Policy Based Approach at System Level | Audit and Compliance Services | Consistent Policy Driven Compliance Automation |

Time/Maturity →

Legend: Completely Implemented | Not Planned | Short-Term Targeted | Long-Term Planned
M-19-17 Maturity
Areas | I: Contextualizing Identity in the Federal Government | III: Adapting the Government’s Approach to Homeland Security | IV: Shifting the Operating Model beyond the Perimeter | V: Improving Digital Interactions with the American Public
Identity Green
Credential Green
Policy Red
Additional Authenticators Green
Deprovisioning Green
Access and Authorization Yellow
Federation Green Green
Legend: Exists | Partial | GAP
M-19-17 Maturity Cont’d
Areas | I: Contextualizing Identity in the Federal Government | III: Adapting the Government’s Approach to Homeland Security | IV: Shifting the Operating Model beyond the Perimeter | V: Improving Digital Interactions with the American Public
Interoperability Red
Risk Mitigation Green
Digital Signature Green
Governance Green
Architecture Green
Acquisition Green
Compliance Green
Legend: Exists | Partial | GAP