Tuesday, November 27
| Pre-Conference Workshops
|
| 8:30-5:00 | Smart Card Alliance Workshop: Mobile Devices and Identity and Access Control Applications (CP01)
This full-day, interactive workshop will provide attendees with a detailed understanding of new uses for mobile devices in storing and presenting secure digital identity credentials for digitally signing email and accessing secure networks as well as using NFC-enabled mobile devices for physical access. This session will examine how to securely provision mobile devices and discuss various data storage models and use cases for mobile credentials for federal PIV, PIV-I, and CIV implementations.
Morning Session
• Mobile Devices as Identity Platforms. This session will provide a high-level overview of how mobile devices can be used as a platform for carrying identity credentials authenticating individuals. The session will discuss how mobile devices fit into the identity ecosystem and the impact that bring-your-own-device strategies have on identity credentialing initiatives. Speaker: Steve Pannifer, Consult Hyperion
• The Anatomy of a Mobile Device. This session will provide the foundation for understanding the capabilities of mobile devices. The session will describe the architecture and functions in a mobile device and the different approaches for securing applications and data on mobile devices (e.g., in the SIM/UICC, a secure element, within a trusted execution environment). Speaker: Brent Bowen, INSIDE Secure
• Fundamentals of Near Field Communication (NFC). This session will provide an overview of NFC. The session will cover all of the NFC operating modes and tag types to provide a foundation for understanding NFC-enabled mobile devices and how they can be used for identity and access control applications. Speaker: Stefan Barbu, NXP
• Provisioning Applications and Data in Mobile Devices. This session will provide an overview of how applications and data are securely provisioned in mobile devices. Speaker: David Wood, C-SAM
Afternoon Session
• Mobile Devices and Identity Credentials. This session will describe different approaches for storing and using identity credentials on mobile devices, and how the move to bring-your-own-device strategies impacts identity and access control applications. Speaker: Chris Edwards, Intercede
• PIV Credentials on Mobile Devices. This session will discuss the approach that the Federal government has chosen for provisioning and using PIV credentials on mobile devices, including the impact of mobile PIV credentials on current FIPS 201 and PIV standards and policies. Speaker: Neville Pattinson, Gemalto
• Logical Access Use Cases for Identity Credentials on Mobile Devices. This session will describe logical access uses cases (e.g., signing email, decrypting email, logging on to computers and networks) using identity credentials on mobile devices. Speaker: Chris Gardner, SecureKey
• Physical Access Use Cases for Identity Credentials on Mobile Devices. This session will describe physical access uses cases for identity credentials on mobile devices. Speaker: Rob Zivney, ID Technology Partners
• Mobile Identity Best Practices Panel. This panel will include organizations that are defining requirements for or implementing identity and access control applications with mobile devices. The panel will discuss requirements and best practices.
Moderator: Sal D’Agostino, IDmachines LLC; Panelists: Cathy Tilton, Daon; Chris Edwards, Intercede; David Belchick, Citi
| Kantara Initiative Identity Summit (AC01)
Kantara Initiative is dedicated to providing platforms and resources for the growth and enrichment of the identity landscape. This Summit will contain presentations, panels and discussion from diverse market leaders discussing industry efforts focused on governance, assurance, certification and in particular how this relates to FICAM and NSTIC.
Join this workshop to learn about bout current progress and new community efforts underway in Identity Assurance services and standards. Learn about gaps being identified in expectations and standards which address public-private use case and product scenarios.
AGENDA:
1:00 - 1:30
WELCOME - LEVEL SETTING
- Use Cases in Gov Standards Compliance Id Management
- The future of Trusted Identity Services, NIST compliance
- Where do FICAM and NSTIC Fit in?
PRESENTER: Joni Brennan, Kantara
1:30 - 2:30
PANEL 1: Strong Assurance Standards: Components and partnerships - Identity Proofing and Credential Management
PANELISTS: Experian, Symantec, Daon, SecureKey
2:30 - 3:30
PANEL 2: Services by vertical: Health care and Veterans
PANELISTS: SureScripts, TroopID, MiiCard
3:30 - 3:45
- Break
3:45 - 4:30
GROUP DISCUSSION
- Gaps between Government and Private Scenarios
- Component Services (Identity Proofing / Credential Management)
FACILITATOR: Joni Brennan
4:30 - 5:00
CLOSING REMARKS
- Q&A
MODERATOR: Joni Brennan
| ICAM Information Sharing Day and Vendor Expo (IC01)
The ICAM Information Day and Vendor Expo is sponsored by the Identity, Credential and Access Management Sub Committee (ICAMSC). The day will be a blend of presentations and vendor interaction, with opportunities to ask questions and discuss your agency’s challenges and lessons learned. The focus of this ICAM Information Day and Vendor Expo will be the use of PIV credentials in relying party systems such as Physical Access Control Systems (PACS), Logical Access Control Systems (LACS), mobile devices and cloud services. The participating vendors will demonstrate their latest information assurance and security products and services related to the use of the PIV.
9:00 Welcome and Opening Remarks, Deb Gallagher (GSA), Paul Grant (DoD)
9:15 Keynote Address: Enabling CAC/PIV in a Mobile Government Workforce, Rob Carey, DoD
10:00 Opening of the Vendor Exhibits
12:00 Lunch break (lunch not provided)
12:30 Security Policy and Standards for Use of Mobile Devices on Federal Networks, Carol Bales (OMB)/ TBD (NIST)
1:00 Expectation of PIV use with Logical Access Systems, Bill Erwin (DoD)/TBD(NIST)
1:30 Expectation of PIV use with Mobile Devices, Deb Gallagher (GSA)/TBD (NIST)
2:00 Expectation of PIV use with Physical Access Systems
2:30 Afternoon Break – Vendor exhibits will remain open
3:00 FIPS 201-2 Status, Hilde Ferraiolo (NIST)
3:15 Update on FY FISMA Metrics for PIV Use, Glen Lee (DOE)/ Rajeev Pillai ( GSA)
3:30 Trust Framework Update, Anil John (GSA)
3:45 Open Discussion, Deb Gallagher (GSA), Paul Grant (DoD)
4:15 Closing Remarks, Deb Gallagher (GSA), Paul Grant (DoD)
4:30 Adjourn
| CSCIP & CSCIP/G Training & Certification Exam Prep(CS01)
This full-day training course is for CSCIP Certification candidates who wish to have a CSCIP smart card training course under the guidance of a trained CSCIP instructor before testing for certification. Before registering, please note these important prerequisites. |
Wednesday, November 28
| Conference Plenary & Track Sessions
|
| 8:00-9:00 | Registration Coffee and Pastries |
| 9:00-10:15 | Keynote Plenary Session (PS11)
9:00 Opening remarks: Randy Vanderhoof, Conference Chairman
9:15 Keynote Speaker #1: Mobility and Secure Credentialing, George Schu, Senior Vice President, Booz Allen Hamilton
9:45 Keynote Speaker #2: NSTIC Governance Structures and Pilot Programs, Jeremy Grant, Senior Executive Advisor for Identity Management for NIST |
| 10:15-11:00 | Networking Break in Exhibit Hall (Exhibit Hall Opens) |
| 11:00-12:15 | Keynote Plenary Session (PS12)
11:00 Keynote Speaker #3: Pierre Boucher, Deputy Chief Information Officer for the Government of Canada
11:30 Keynote Speaker #4: 2013 - The Year of Identity, Betsy Hight, RADM (USN, ret) Vice President, Cybersecurity Practice for HP Enterprise Services
|
| 12:15-2:00 | Conference Lunch in Exhibit Hall |
| Track 1: ID Security Technology & Applications | Track 2: ID Security Implementation & Policy | Track 3: Healthcare ID Security |
| 2:00-3:15 | Track Session (TA13)
Moderator: Harold Kocken, Deloitte & Touche LLP
• Featured speaker #1: Mobile: Options for Storing Mobile Credentials on a Smartphone, Neville Pattinson, Gemalto
• Featured speaker #2: Biometrics, Christophe Goyet, Oberthur Technologies
• Featured speaker #3: Cloud-based PACS Authorization, Michael Queralt, Queralt Inc.
| Track Session (IP13)
Moderator: Lars Suneborn, Hirsch Identive
• Featured speaker #1: OMB 11-11 Update, Carol Bales, OMB
• Featured speaker #2: GSA Approved Product List Conformance Program, Chi Hickey, GSA
• Featured speaker #3: Making Credentialing Documents More Secure, Rick Outland, Gemalto and Chairman of Document Security Alliance
| Track Session (HS13)
Moderator: Michael Magrath, Gemalto, Inc.
• Featured speaker #1: US Healthcare Market Trends, David Batchelor, LifeMedID
• Featured speaker #2: How Chip Cards Will Cut Fraud, Waste and Abuse in Medicare, Kelli Emerick, Secure ID Coalition
• Featured Speaker #3: National Disaster Life Support™ Program Office and HSC National Rollout, Dr. James James
|
| 3:15-4:00 | Networking Break in Exhibit Hall
|
| 4:00-5:15 | Roundtable Topic: Managing Network Security Using Mobile Devices in a BYOD Environment (TA14)
Panelists: James Zok, CSC (retired); Peter Cattaneo, Intercede; Hugh Cumming, SecureKey; Frazier Evans, BAH
| Roundtable Topic: Applying NSTIC’s Identity Ecosystem Principles for Internet Security (IP14)
Moderator: Sal D'Agostino, IDmachines LLC
Panelist: Joni Brennan, Kantara Initiative; Sal D'Agostino, IDmachines LLC; Kaliya Hamlin, Identity Woman, Ian Glazer, Gartner
| Panel Topic: Leveraging Patient Identity Smart Card Solutions to Connect Medical Records Across Multiple Provider Systems (HS14)
Moderator: David Batchelor, LifeMedID
Panelists: Roderick Bell II, Resolute Health; Nancy Farrington, Mainline Health System; Barry Hieb, Global Patient Identifiers; Richard Hodge, HIMSS
|
5:15-7:30
| Networking Reception in Exhibit Hall
|
Thursday, November 29
| Conference Track Sessions
|
| Track 1: Security Technology & Applications
| Track 2: Implementation & Policy Issues
| Track 3: Non-Government & International
| Gov.ID OPEN Unconference Session |
| 8:30-9:00 | Coffee and Pastries in Exhibit Hall
|
9:00-10:15
| Mobile Identity Credentialing and Security (TA21)
Moderator: Steve Rogers, Intellisoft
• Identifying the Problems to Solve with Mobile Device Security, Michael Robinson, Deloitte
• Mobile Derived Credentials, Jeffrey Ait, Director Public Sector, Good Technology representing DeviceFidelity
• PIV, PIV-I, GICS Convergence for Government Mobile ID Usage, Salvatore Francomacaro, NIST
• Securing a BYOD Business Culture, Chris Edwards, Intercede
| Alternative Approaches to an Open, Scalable Identity Ecosystem (NSTIC) (IP21)
Moderator: Sal D'Agostino, IDmachines LLC
• Usability and Accessibility, Mary Ruddy, Gartner
• Accreditation and Trust Framework, Ray Kimble, Deloitte
• Identity and Attribute Providers, Kimberly Little, Lexis/Nexis Risk Solutions
• Interoperability
| Non-Federal Usage of High Assurance Credentials (IN21)
Moderator: Chris Gardner, SecureKey Technologies Inc.
• Banking/Financial Applications, Kevin Kozlowski, Xtec
• State/Local Government Applications of High Assurance Credentials, Karyn Higa-Smith, DHS/FEMA
• Corporate Enterprise Applications, Keith Ward, TSCP
• Transportation Applications, Bob Gilson, DOD/DMDC
| Gov.ID OPEN Unconference Session A: Technology Issues (IO21)
The Government Conference attracts thought leaders from every sector, so it's the perfect forum for interactive peer-to-peer learning, collaboration and creativity. If you're ready to take a step beyond the conference sessions for a "deep dive" with colleagues, you'l want to attend. Employing the well-established unconference meeting framework and professional facilitators, we'll gather to create the agenda and meet in groups large and small for formal presentations, casual discussions, and everything in between. Session notes will be compiled into an online wiki. No previous experience is necessary--the process will become clear as it happens.
Prospective topics for this Technology Issues session include: NIST new FIPS revisions, mandated by end of year. Ramifications of these specifications and impact on the marketplace. Role of new devices in identity in the future. |
| 10:15-10:45 | Networking Break in Exhibit Hall
|
| 10:45-12:00 | Future Changes to the PIV Identity Ecosystems (TA22)
Moderator: Lolie Kull, HP Enterprise Services
• FIPS 201-2 Summary of Changes, Hildegard Ferraiolo, NIST
• SP 800-73-3 – Interfaces for Personal Identity Verification, Ketan Mehta, Booz Allen Hamilton
• SCA Strong Authentication WP, Joseph Tassone, Identive
• PIV Usability Impact Based on FIPS-201-2 Changes, Gilles Lisimaque, IDTP
| Use Cases From the 4 Bridges Forum (IP22)
Moderator: John Esser, Oberthur Technologies of America
• Judith Spencer, Certipath
• Deborah Gallagher, DOD
• Scott Rea, Research Education Bridge
• Peter Alterman, Ph.D., SAFE-BioPharma Assn.
| NSTIC Commercial Demonstration Project Pilots (IN22)
Moderator: Kirk Brafford, Deloitte & Touche LLP
• Daon Smart Mobile Device Pilot, Catherine Tilton, Daon
• Criterion Systems Consumer-selected Attributes Exchange Pilot, David Coxe, ID/DataWeb, Inc.
• AAMVA Cross Section Digital Identity Initiative Pilot, Paul Blanchard, AAMVA PMO
• Resilient Network Systems Secure Health & Educational Systems Pilot, Jonathan Hare, Resilient
|
| 12:00-1:30 | Lunch in Exhibit Hall |
| 1:30-2:45 | FICAM Applications Use Cases (TA23)
Moderator: Mark Steffler, Quantum Secure, Inc.
• FEMA, J'son Tyson, Chief, Identity Credential and Access Management Support Operations
• HSPD-12 PIV Card Implementation at The Department of Health & Human Services, Ken Calabrese, U.S. Department of Health & Human Services
• Pentagon, Roger Roehr, Roehr Consulting, and Derek Nagel, PFPA/PID/PSID
• Commonwealth of Virginia, Mike McAllister, Deputy Secretary of Veterans Affairs and Homeland Security
| Government High Assurance Credentials Implementation (IP23)
Moderator: Frazier Evans, BAH
• Border Control and Smart Documents, Patrick Hearn, Oberthur Technologies
• State-Issued Identity Credentialing and Access Management Framework (SICAM), Chad Grant, NASCIO
• Next Generation FIPS 201 APL, Charles Luddeke, FEMA & Steve Howard, CertiPath
| International ID Security Uses Case (IN23)
Moderator: Robert Merkert, RM Industries
• Australian National eHealth Transition Authority (NEHTA), Stephen Burmester, NEHTA
• World Map on eHealth, Dr. Detlef Houdeau, Infineon Technologies AG
• German ID Card, Andreas Phillip, Utimaco Safeware AG
| Gov.ID OPEN Unconference Session B: Policy, Applications, and Market Issues (IO23) (concludes at 5:30pm)
Prospective topics for this Policy, Applications, and Market Issues session include: Cloud security, authentication, attributes, cross-certification, perspectives on the focus of business and policy.
|
| 2:45-3:15 | Networking Break in Exhibit Hall. Exhibit Hall Closes at 3:15. Move-out Begins |
| 3:15-4:30 | ID Credentialing Usability and Accessibility (TA24)
Moderator: Donald Malloy, NagraID
• Troubleshooting Multi-technology PIV Interoperability, Lars Suneborn, Hirsch Identive
• Making Multi-technology Cards More Reliable, Martin Kuschewski, SmarTrac
• DHS TSA, Gerald Smith, IDTP, John Schwartz, TSA
• Creating a Managed Service Model for Provisioning Digital Keys and Credentials on NFC Phones, Jason Bohrer, HID Global
| Developing a Privacy Framework for Government Markets (IP24)
• Global Platform Privacy Framework, Kevin Gillick, GlobalPlatform
• Smart Healthcare: Enhancing Privacy for Data-Sensitive Information, Josh Jabs, Datacard Group
• New Trends in Identity Abuse, Dr. Stephen Coggestall, ID Analytics
| Convergence of Security Domains (IN24)
Moderator: Gurpreet Manes, SafeNet
• Converged Access Across Physical and Online World, Jerome Becquart, Identity Assurance with HID Global
• eID Cards and NFC, Helmut Scherzer, Giesecke & Devrient
• How to Secure Mobile Medical Records, Mansour Aaron Karimzadeh, PrivaMed
|
| 4:30-6:30 | CSCIP Exam (Separate Registration Required)
|
| 6:30-9:30 | GSN Homeland Security Awards (Separate Registration Required) |
