Identity Management Roadmap and Maturity Levels October 29, 2020 Page 1 Roadmap: Overview Level 1: Basic Identity Level 2: Advanced Level 3: Service- Level 4: Business- Management Identity Oriented Identity Driven Identity Areas Establishing Identity Establishing a Central Separating ID Storage from Integrating ID -Driven Trusted Identity Applications and Systems Quality ID Concept business systems Provisioning and Role Basic Provisioning Role -Based Complete Enhanced Role and Business Role -Driven; Business Service- Driven Management Process Provisioning Entitlement Management Single-Sign-On and Service -Oriented SSO w/ Strong Defined Authentication SSO for All Types of Centralized Sign -On Authentication Authentication Services Users Access and Basic Web Access Decentralized Access Centralized Integrated Access Management Integration Federation Services Management Federation Management Auditing, Policies and System Level Policy Based Approach at Audit and Compliance Consistant Policy Driven System Level Compliance Automation Compliance Auditing Services Time/Maturity → Page 2 Measuring Our Status: Fullfillment at Different Levels Level 1: Basic Identity Level 2: Advanced Level 3: Service-Oriented Level 4: Business-Driven Areas Management Identity Management Identity Management Identity Management Establishing Identity Establishing a Central Separating ID Storage Integrating ID -Driven Trusted Identity Quality ID Concept from Applications and business systems Business Role -Driven; Provisioning and Role Basic Provisioning Role -Based Complete Enhanced Role and Business Service- Driven Management Process Provisioning Entitlement Single-Sign-On and Service -Oriented SSO w/ Strong Defined Authentication SSO for All Types of Authentication Centralized Sign -On Authentication Services Users Basic Web Access Decentralized Access Centralized Integrated Access Access and Federation Management Management Integration Federation Services Management Auditing, Policies and System Level Policy Based Approach at Audit and Consistant Policy Driven System Level Compliance Automation Compliance Auditing Compliance Services Time/Maturity→ Completely Partially Implemented Not Implemented Legend: Implemented Page 3 Defining Next Steps: Target Work Areas Level 1: Basic Identity Level 2: Advanced Level 3: Service-Oriented Level 4: Business-Driven Areas Management Identity Management Identity Management Identity Management Establishing Identity Establishing a Central Separating ID Storage Integrating ID -Driven Trusted Identity Quality ID Concept from Applications and business systems Provisioning and Role Basic Provisioning Role -Based Complete Enhanced Role and Business Role -Driven; Process Management Provisioning Entitlement Management Business Service- Driven Single-Sign-On and Service -Oriented SSO w/ Strong Defined Authentication SSO for All Types of Authentication Centralized Sign -On Authentication Services Users Basic Web Access Decentralized Access Centralized Federation Integrated Access Access and Federation Management Management Integration Services Management Auditing, Policies and System Level Auditing Policy Based Approach at Audit and Compliance Consistant Policy Driven Compliance Automation Compliance System Level Services Time/Maturity→ Completely Not Planned Short- Term Targeted Long -Term Planned Legend: Implemented Page 4 M-19-17 Maturity I: Contextualizing Identity in the III: Adapting the Government’s IV: Shifting the Operating Model V: Improving Digital Interactions Areas Federal Government Approach to Homeland Security beyond the Perimeter with the American Public Identity Green Credential Green Policy Red Additional Green Authenticators Deprovisioning Green Access and Yellow Authorization Federation Green Green Legend: Exists Partial GAP Page 5 M-19-17 Maturity Cont’d I: Contextualizing Identity in the III: Adapting the Government’s IV: Shifting the Operating Model V: Improving Digital Interactions Areas Federal Government Approach to Homeland Security beyond the Perimeter with the American Public Interoperability Red Risk Green Mitigation Digital Green Signature Governance Green Architecture Green Acquisition Green Compliance Green Legend: Exists Partial GAP Page 6 .