2019 Agenda
7:30 – 8:45
REGISTRATION
Coffee and pastries
8:45 – 9:00
Welcome and Agenda Review
Randy Vanderhoof, Executive Director, Secure Technology Alliance
9:00 – 9:30
Keynote Speaker
Securing Critical Infrastructure and the Federal Government – What Problem is Government Trying to Solve?
The speaker will be presenting how the use of federal enterprise-wide digital identity credentials enables government to achieve its mission to secure critical infrastructure and serve government agencies, workers, and citizens.
Ross Foard, CDM Sr. Engineer & ICAM SME, US CISA, Cybersecurity Division, DHS
9:30 – 10:00
Keynote Speaker
Unmanned Aircraft Systems (UAS), Using Remote Identification to Distinguish Friend from Foe
The speaker will present a proposed approach to leverage public key infrastructure to secure the authenticity and integrity of the drone ID using a two-step signing approach to bind the manufacturing drone ID to the operator ID.
Robert Segers, Aeronautical and Weather Services Technical Manager, FAA
10:00 – 10:30
Keynote Speaker
The Search for Trust in a Haystack of Digital Authenticators
The speaker will explain what authenticators are being used and what new authenticators are being considered for securing federal identity and how they align with SP800-63-3.
David Temoshok, Senior Policy Advisor, Applied Cybersecurity, NIST IT Laboratories
10:30 – 11:00
BREAK
11:00 – 12:15
Panel Session
What Happens When Identity Credentials Are No Longer Safe and Protected?
This panel session will discuss the effects of when individual credentials are stolen
- What Are the Protections Available?
- What Data is Stolen, Where is it Used?
- What is a Multiplying Effect on Risk for Cloud Migration?
- Does Everything Belong in the Cloud?
Jeff Nigriny, CEO, Certipath (Moderator)
Ted Ross, CEO, Spycloud
Jasvir Gill, CEO, Alert Enterprise
Blake Hall, CEO, ID.me
12:15 – 1:30
LUNCH and EXHIBITOR TIME
1:30 – 2:00
Featured Speaker
New Approaches for Authentication – How SAML, OpenID Connect, FIDO-enabled Devices Align with SP 800-63
The session will consider how these open-sourced and commercial authentication methods for government use are compatible with the assurance levels in SP 800-63-3
Andrew Regenscheid, Mathematician, NIST
2:00 – 3:15
Featured Panel Session:
Advancing Implementation and Procurement Best Practices for Government Physical Access Control Systems
The panel will address updated recommendations for implementation of government physical access control systems based on recent revisions to NIST SP 800-116 guidance and anticipated changes to streamline security technology and services procurement for federal agencies
Panelists:
- Lars Suneborn, ID Technology Partners
- Michael Kelly, Parsons
- Mark Dale, Xtec
- William Windsor, Department of Homeland Security
3:15 – 3:45
BREAK
3:45 – 4:15
Featured Speaker
A View of the Identity Applications for Mobile Drivers Licenses and REAL ID
Geoff Slagle, Director – Identity Management, AAMVA
4:15 – 5:30
Featured Panel Session: Use of Multi Factor Authentication to Access Secure Government Services
The panel session will cover different use cases of government-issued security credentials and access to secure facilities and networks
Moderator: Jatin Deshpande, G+D Mobile Security
- PIV PACS/LAC Use Case – Cindy Szayer and Stewart Clatterbaugh, U.S. Citizenship & Immigration Services
- TWIC and PIV alignment – Enhancements in a Next Generation Data Model – Drew Sindlinger, TSA TWIC
- Purebred Mobile – DISA/DOD Mobile ID – Brandon Iske, DOD DISA
- ePACS – Update on the Interagency Security Council (ISC) Guidance for ePACS Implementation – Will Morrison, FAA and ISC
5:30 – 7:00
Networking Reception
7:30 – 8:30
REGISTRATION
Coffee and pastries
8:30 – 8:45
Day 2 Welcome and Agenda Review
Randy Vanderhoof, Executive Director, Secure Technology Alliance
8:45 – 9:30
Government Leadership Report
This session will include updates from the leaders of important federal identity management and access security programs
- OMB Federal Identity and Security Policy – Jordan Burris, OMB
- NIST – FIPS 201 -3 Revisions- Hildegard Ferraiolo, NIST
- GSA/FAS Procurement Changes to Schedule 70 and 84 – Kevin Mitchell, GSA
- GSA / FICAM Report – TBD
10:15 – 10:45
BREAK
10:45 – 12:00
Day 2 Roundtable: Future of Mobile Identity in Government
A mix of short presentations and discussion on mobile identity, mobile derived credentials, mobile driver’s licenses; use of FIDO Authentication, and other mobile identity and authentication approaches
- Tom Lockwood, NextgenID (Moderator)
- Neville Pattinson, Thales
- David Kelts, GET Group NA
- Paul Grassi, Easy Dynamics
- Jean-Baptiste Milan, HID Global
12:00
CONFERENCE CONCLUDES (No lunch served)
Mobile devices are increasingly the primary device that employees, customers and citizens are using to authenticate their identity when accessing online services from companies and governments and to pay for products both online and in store. While providing a rich and secure platform for storing identity credentials and using them for authentication for these services, implementation approaches vary across industry sectors on how identity credentials are provisioned and used and what technologies are used to store and present the credential. This workshop will provide detailed presentations on two mobile identity credential initiatives – mobile driver’s licenses and the Federal government’s derived PIV credentials – and explore how they can be used in various use cases. The workshop will also look at current commercial standards and practices for using mobile identity credentials for online authentication.
1:00 – 1:15
Welcome and Introduction
Randy Vanderhoof, Executive Director, Secure Technology Alliance
1:15 – 2:15
Mobile Driver’s Licenses
Mobile driver’s licenses have the potential to revolutionize identity authentication processes in a wide variety of use cases. This session will provide an in-depth look at the status of mobile driver’s license standards, security frameworks, and the emerging processes for identity proofing, provisioning, and digital presentation for authentication. Panelists will offer an exploration of how mobile driver’s licenses can be used to provide identity authentication for various use cases — law enforcement, proof of identity, age verification, and access to government facilities.
- Presentation: Mobile Driver’s License Overview
- Speaker: David Kelts, GET Group NA
- Panel: Use Cases for the Mobile Driver’s License
Panelists:- State Services – Negash Assefa, Maryland MVA
- Federal Services (TSA) – Ted Sobel, DHS – TSA
- Retail Proof of Age/ Identity – Suraj Sudhakaran, Thales
2:15 – 3:15
Derived Credentials in Mobile Identity
This session will discuss how derived credentials can be used with mobile devices to provide secure, easy-to-use identity authentication within the Federal government.
- Presentation: Derived Credentials Overview: What They Are and How They’re Used
- Speaker: John Fessler, Exponent
- Panel: Use Cases for Derived Credentials
Panelists:- DoD/Purebred – Brandon Iske, DISA (invited)
- Commercial – Keith Ward, TSCP
- Federal – John Bejjani, Entrust Datacard
3:15 – 3:45
BREAK
3:45 – 4:45
Using Mobile Identities for Online Authentication: Current Standards and Practices
This session will discuss the current standards and best practices for online mobile identity authentication in the commercial environment, including the role of biometrics in mobile authentication.
- Presentation: Current Standards for Online Authentication using Mobile Devices (FIDO, W3C, NIST)
- Speaker: Chris Edwards, Intercede
- Panel: Making Sense of the Standards
Panelists:- Tracy Hulver, IDEMIA
- Olivier Van Nieuwenhuyze, GlobalPlatform
- Joshua Hill, UL
4:45 – 5:00
Wrap-up and Conclusion