Developing a Strong Trust Model

1
Developing a Strong Trust Model

• NAJIS 2005

2

• Agenda
• Introductions
• Trust Defined
• Trust Model
• Policy
• Technology
• Delivery
• Questions Hopefully Answers

3

• Trust defined.
• Trait of believing in the honesty and reliability
  of others
• Certainty based on past experience
• Complete confidence in a person or plan etc
• Have confidence or faith in
• Be confident about something
• Expect with desire.

4

• Why is trust so important?

5

• Information Sharing and the Need for Trust
• When Participants Need to Be Identified
• When Something Needs to Be Exchanged
• The integrated system must act as a medium in
  obtaining, facilitating and maintaining trust
  among participating agencies for each agencys
  information and services.
• Trust is based on 3 primary concepts
• Evidence
• Experience
• Perception
• Trust should be viewed from 2 perspectives
• The Provider perspective
• The Consumer perspective

6

• Trust defined.

• INFORMATION SHARING
• Bad perception
• No evidence
• Little experience

7

• Information Sharing and the need for Trust
• When Relationships Are Needed
• When relationships are established beyond what is
  traditionally considered the justice domain,
  trust must be established not by a gut feeling
  or vague notions but by solid and secure
  mechanisms.
• When You Need Consistent Behavior
• These mechanisms should be designed to ensure the
  integrity and character of external parties,
  ensuring that their behavior is consistent with
  expectations.

8

• Recap Information Sharing and the need for Trust
• Identity Vouching
• Information Exchange
• Relationship Management
• Behavior Management
• A Trust Model is Needed

9

• A Trust Model should
• Define and establish relationships and
  expectations
• Define appropriate behaviors
• Ensure behavior demonstrated is always aligned
  with expectations and relationships defined.
• Terminate relationships when behavior is
  misaligned.

10

• What is a Trust Model and what is it used for?
• A trust model is a conceptual representation used
  to describe the trusted relationship(s) between
  objects.
• A trust model becomes an effective tool in its
  ability to accurately represent the sometimes
  complicated relationships between one or more
  entities.
• In many relationships there are multiple levels
  of trust implemented, with a given context
  determining the level of trust utilized.
• Results in the definition of a trust agreement
  that is accepted by all parties. The agreement is
  the primary guideline or law for the trust
  relationship.

11

• Three Necessary Trust Model Components
• Policy
• Technology
• Delivery

12

• Policy The Foundation of a Strong Trust Model
• Policy should encompass
• The Provider perspective
• The Consumer perspective
• The User perspective
• Policy should clearly lay out
• Responsibilities (agency)
• Support, maintenance, SLAs, etc
• Roles (agency and individual)
• Requirements (agency and individual)
• Dissemination, Use and Misuse Policies

13

• Policies should encompass all relationships
• User to application This relationship defines
  the typical person interaction with a JNET
  application, which is typically a web page
  front-end.
• User to system This relationship defines a
  person interaction with a system at the operating
  system level.
• Application to application This relationship
  defines direct interactions between applications
  without the use of an intermediate proxy or
  service provider.
• Application to system This relationship defines
  interactions between an application and operating
  system level components.
• Application to service This relationship
  defines the interactions between an application
  (typically end-user facing, but not always) and a
  service provider (a component of an ISB/ESB)
• Service to service This relationship defines
  the interactions between services within an
  ISB/ESB

14
Policy should define information security and
access levels
15

• Policy
• Develop them if they don't exist
• Buy or borrow and custom fit to your initiative
• Error on the side of inclusion
• Involve legal counsel and member organizations
• Implement them properly
• Delivery is key
• Make it a mandatory step or review
• Manage compliance with established policies
• Address proper use and misuse
• Expect and plan for inappropriate use or
  dissemination

16

• Three Necessary Trust Model Components
• Policy
• Technology
• Delivery

17

• Trust Defined
• Trust is firm reliance on integrity, ability or
  character of a person or thing (an identity).
• Trust is expressed when relationships are
  established and managed through the verification
  of identities, and is maintained when the
  behavior demonstrated is consistently aligned
  with expectations as authorized.
• A trust relationship is comprised of two
  fundamental roles provider/source and consumer
• Identity Defined
• An identity is a designation assigned to an
  object that is comprised of the set of
  characteristics by which an object is
  definitively recognizable or known.
• An identity consists of traits, attributes, and
  preferences upon which once may receive
  personalized service.
• JNET applies the identity concept to all objects
  participating within its framework, including
  people, applications and devices.

18

• Technology The Enabler of a Strong Trust Model
• Recall - The Need for trust
• When Information Needs to Be Exchanged and
  Secured
• When Participants Need to be Identified
• When Relationships Must Be Managed
• When You Need Consistent Behavior
• Behavior is consistent with expectations.
• Technology provides for
• Established Security Model for Environment
• Identity Management Life Cycle
• Trust Mechanisms
• Need Autonomy over ownership of information
• Levels of trust and Interaction Service Level
  Contracts
• Auditing, Investigation and Escalation Mechanisms

19
JNET Security Model
The model illustrates the multiple layers for
security applied to the JNET environment.
Security Program
Auditing, Monitoring and Reporting

•  

•  

•  

Services Security
Application Security
Data Security
Infrastructure Security
Physical Security
Trust Model
Identity Management
Security Policies, Procedures and Guidelines
20
Trust and Identity Management

• From a Policy Perspective, Activities include
• Identity Vetting
• Source documents for identity proof are valid
• Person validating the documents is qualified and
  vetted
• Strong Credential Issuance
• A fully documented registration and issuance
  process
• Approvals are performed in accordance with
  standing practices
• Access Management and Control
• Access is requested based on need to know in
  accordance with federal, state and local mandates
• Access to resources are defined based on trust
  agreement and levels
• Administration and supervision
• Access to identity and access information is
  restricted
• Changes to information must be approved, via
  workflow, by the appropriate personnel
• Circumvention of controls is forbidden (tools,
  processes and procedures).
• Auditing and Reporting
• Regular reviews are conducted to ensure
  compliance with trust agreement
• Results are not disseminated to unauthorized
  personnel
• Reports are considered confidential

21
Trust and Identity Management

• From a Technology Perspective, Identity trust
  processes include
• Identity Enrollment and Registration Process
• Organization enrollment, vetting and registration
• Personnel enrollment
• Identity vetting
• Identity registration
• Identity provisioning
• Identity Administration
• Identity recertification
• Identity re-authorization
• Identity re-classifications
• Identity Removal
• Identity de-provisioning
• Identity retirement
• Identity archival
• Identity removal
• Trusted Credential Management
• Digital Certificates Issuance Smart Card
  Credentialing
• Credential renewal

22
Mechanisms for Ensuring Trust

• Mechanisms used to ensure trust model compliance
• Identity a collection of attributes that
  uniquely describe an object or entity.
• Authentication A process by which an entity or
  objects identity (credentials) is challengeable
  and validated.
• Authorization - A set of processes and controls
  used to restrict the resources an authenticated
  entity or object is allowed to access. There
  must be explicit authorization to perform a
  service.
• Access Control and Entitlement Mechanisms that
  allow the provision of fine-grained access
  control down to the functions users are able to
  perform with a given application. Users can be
  assigned roles for role and rule-based access
  control (RBAC)
• Audit the behavior of an identity can be
  demonstrable and audited to verify compliance
  with agreed authorizations.
• Recertification A process by which the trust
  assigned to an entity is reviewed and evaluated.
  The result of this process can be retaining of
  existing trust level modification of trust
  level complete revocation of trust.
• Revocation The result of trust agreement
  non-compliance.

23

• Trust Information Mechanisms
• Trust is a relationship
• Trustor Requestor the subject that trusts a
  target entity
• Trustee Trusted Provider the entity that is
  trusted The originator, source, proxy or broker
  of information requested
• For a distributed information system
• Trustor Consumer the consumer of information
  (and/or) the supplier of information
• Trustee the information being consumed (or
  supplied)

24

• There are three components in the Trust Model
• Partner JNET establishes a trusted relationship
  with another organization. This relationship is
  established both at the business and technical
  level. All organizations participating in JNET
  must complete this process.
• Proxy JNET is the trust hub, where two or
  more parties trust JNET, but do not necessarily
  trust each other. Additionally, no relationship
  of any kind is required of any participants other
  than with JNET.
• Broker JNET initiates both a technical and
  business dialog between two or more organizations
  with the goal of developing a trust relationship
  between those parties. These organizations may
  choose to directly communicate with each other by
  utilizing the JNET infrastructure. However, in
  order to leverage JNET security and trust models,
  the JNET infrastructure must be used, with JNET
  being a trusted partner of all organizations.

25
Trust Model Applied
26
(No Transcript)
27

• Technology Enablers A subset of technologies
• Firewall
• First line of defense
• Proxy Servers
• Purpose built to provide specific security
  functionality, such as authentication and
  authorization. Also provides for environment
  abstraction.
• Digital Credentials
• Digital certificates (with or without a PKI)
• Hardware tokens (smart card)
• Identity Management Systems
• Electronic forms with digital signatures
• Workflow
• Provisioning
• Centralized auditing and reporting
• Provides unified infrastructure for recording
  events at all layers within the environment

28
Trust Applied and Illustrated 1
5
4
3
2
1
6

• User and workstation establish trust
• User, workstation and security wall establish
  trust
• Security wall and web server establish trust
• Web server establishes trust with application and
  database servers
• Application and database servers establish trust
• Application server establishes trust with
  external data provider

29
Trust Applied and Illustrated 2
1
3
2
Context User access, business relationship

• User and organization establish trust
• Organization and JNET establish trust JNET
  trusts the trust relationship between the user
  and the organization
• JNET has trust relationship with data owner data
  owner trusts the trust relationship between JNET
  and the user/organization
• Note An organization has to receive approval
  from JNET Steering Committee before access is
  granted to JNET.

30

• Three Necessary Trust Model Components
• Policy
• Technology
• Delivery

31

• Building Trust through Delivery
• Reliability
• Day to day quality of service
• Consistency and repeatability
• Availability
• Data, system
• Unexpected downtime is unacceptable and can have
  serious consequences in Public Safety
  environment.
• Structured escalation procedures
• Scalability
• Ability to maintain under increased load or use
• Ability to meet ever expanding needs of Public
  Safety Community
• Accuracy of Data
• Data integrity
• Zero (if possible) data latency.

32

• Building Trust through Project Delivery
• Be selective to the project you take one
• Have structured approach to project delivery
• Project management
• Deliver projects on time and within budget
• Ensure projects focus on the customer and
  business processes
• If there is not a noticeable difference
• If business processes dont improve.

33
A Systematic Approach to Service Delivery
Delivery of projects in a systematic, structured
method. Project assessment, planning and
execution.
Project Life Cycle
PMO serves as central point for tracking,
reporting and management on all formal projects
Project Management Office
Lists current projects with description, sponsor,
status, milestone and delivery dates
Critical Path Matrix
Outlines the projects for entire fiscal year and
ensures alignment with Strategic Plan
Yearly Business Plan
Outlines Vision, Mission and Strategic Goals
Strategic Plan
Provides Strategic Vision, Policy, and Budget
Oversight
Governance
34
Lessons Learned

• Flexible technology solutions architecture,
  security, infrastructure and applications. One
  size does not fit all
• Create dependencies
• Data
• Security..