NEWS: "Single sign-on" service for Homeland Security Department

On August 7, the Department of Homeland Security (DHS) released a Request for Information (RFI) for industry solutions that can provide single sign-on (SSO) access to its online services in order to improve the DHS strategic information-sharing capability - that is, "getting the right information to the right people without delay".

As noted in the accompanying Statement of Work (SOW) (MS Word document), one specific aspect of this project is defining "he types of information the SSO service needs in order to make appropriate decisions about which individuals should be given access to what information under which circumstances, based on applicable law, policy and operational need. In other words, what attributes do we need to know of a person requesting access to a DHS information resource?"

In particular, the following factors can potentially be used to determine attributes of a highest-priority person (according to the SOW):

-- Employing organizations, sub-entities, work roles, etc.;
-- Characteristics of the user populations currently served by the DHS information services;
-- Type and sensitivity of information provided to users;
-- "Ideal" user populations (that is, all those whose mission could be better or more easily achieved by access to the information, whether or not currently accessing the information service);
-- Legally authorized purposes of the users (that is, permitted "routine uses" declared for privacy information);
-- Other limitations on distribution of the information,(for example, "memorandum-of-understanding" restrictions linked to information obtained from other agencies); and
-- Attributes currently being used to govern access to the information resources.

Technorati tags: United States, Federal Government, Information Management, Information Systems, Security, Information Security, Information Sharing