Nov. 15-17, 2004 • Washington Convention Center • Washington D.C.
Event Schedule:
Conference Hours:
November 15: 8:00am - 5:00pm
November 16: 8:30am - 4:30pm
November 17: 8:30am - 5:00pm Registration Hours:
November 15: 7:00am - 5:00pm
November 16: 8:00am - 6:00pm
November 17: 8:00am - 4:00pm Expo Hall Hours:
November 16: 11:00am - 6:00pm
November 17: 10:00am - 3:00pm
Platinum Plus Sponsor:
Platinum Sponsor:
Gold Sponsor:
Hosted By:
Partnering Organizations:
Media Partners:
Agenda - Tuesday, November 16, 2004 EXPO HOURS: 11:00am-6:00pm
8:30am - 10:00am
Attendees may choose to attend one of three tracks offered during this time.
Federated Identity: The Quest for Interoperability (Enterprise Identity Management Track) It is one thing to establish user-friendly ID management systems within the enterprise, but it can be mind-boggling to think about exchanging digital credentials with outside parties such as trading partners, contractors, research colleagues and customers. But, there is a clear mandate for interoperability in identity management. In fact, federation is the only way to keep networks, and commerce, from bogging down under the weight of repetitive, costly, one-off processes.
Fortunately, the quest to develop business practices, policies, operating rules and standards is well underway. This session will explore the competitive/cooperative marketplace for federated ID, as well as the mechanisms of governance and technical standards. Models of federated ID including Liberty and ADFS (Active Directory Federation Service) will be covered in the afternoon.
Moderator: David Weitzel, Senior Principal, Mitretek Systems
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
8:30am
The Quest for Interoperability in Federated ID David Weitzel, Senior Principal, Mitretek Systems
8:45am
Identity Management in the Adaptive Enterprise
Identity Management enables the implementation of new business models, making the infrastructure more resilient and allowing new types of interactions. Enterprises must manage the evolution from their current state to that of an adaptive enterprise. The journey starts from wherever the organization is currently and moves through three stages-stable, efficient, and adaptive, with each stage providing more value to the business. This presentation will explore the journey of identity management through each stage of the journey providing insights into both architectural principles and business drivers. Archie Reed, Director of Business Planning and Strategy, Hewlett Packard Company
9:10am
WS-I: Ensuring Interoperable Secure Web Services
The Web Services Interoperability Organization (WS-I) is an open industry organization committed to promoting consistent and reliable interoperability among Web services across platforms, applications and programming languages. In August 2003, WS-I delivered the Basic Profile 1.0. The Basic Profile consists of implementation guidelines recommending how a set of core Web services specifications should be used together to develop interoperable Web services. With the delivery of the Basic Profile 1.0, WS-I turned its focus to Web services security and is developing an interoperability profile involving transport layer security, SOAP message layer security, encryption and signatures. Paul Cotton, chair of the WS-I Basic Security Profile Working Group, will discuss the interoperability challenges with the current Web services security standards; and highlight typical Web services security threats and countermeasures and the design goals, usage conventions and restrictions, testing and conformance of the Basic Security Profile.
Paul Cotton, Chair of the WS-I Basic Security Profile Working Group and Program Manager of XML Standards, Microsoft Canada
9:35am
Interoperability Specifications with SAML Scott Cantor, Senior Systems Engineer, Office of Information Technology, Ohio State University
ID Card Applications for Physical & Logical Access (Government ID Applications Track) Over the past 15 years physical security has gone from a “cut and laminate” world of Polaroid pictures to sophisticated systems based on digital printing and network technologies. The worlds of the physical security manager and IT security manager have also converged as organizations recognize that cyber security and physical protection are closely related.
Increasingly, we are also turning to the corporate ID badge to carry an array of digital technologies including RFID, computer chips, biometric templates and digital certificates.
This session will examine the current state of the physical ID space and electronic photo ID space. It will include case studies of some innovative companies that have recently “rebadged” to add both security and flexibility for future applications.
Moderator: Tim W. Baldridge, Computer Scientist, NASA George C. Marshall Space Flight Center
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
8:30am
Smart Card Enabled Physical Access for Cross Agency Interoperability Michael A. Sulak, Program Analyst, U.S. Department of State
9:00am
The NASA Employee Credential: An Integrated Solution Tim W. Baldridge, Computer Scientist, NASA Marshall Space Flight Center Dominic Fedronic, CTO, ActivCard
9:30am
RFID: Meeting Modern Security Needs Manish Bhuptani, Director, Market Development, Sun Microsystems
Privacy and Policy (Technologies and Policies Track) Despite many fears, society has done a pretty good job of balancing 21st century security realities with the rights of individuals. The scale that balances precautions and freedoms does not swing too far in either direction without correction. Can we keep it that way?
This session will examine privacy and regulatory policy both globally and from the perspective of major applications. We will discuss the privacy implications of data sharing and data mining as it relates to identification in governmental and credit information systems. In addition to legal and regulatory experts, panelists will describe privacy Best Practices and frameworks that can help keep organizations on the right side of watchdog groups and consumers.
Moderator: Ari Schwartz, Associate Director, Center for Democracy and Technology
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
8:30am
Defending and Building Privacy in the Digital Age Ari Schwartz, Associate Director, Center for Democracy and Technology
8:40am
FEATURED SPEAKER: Achieving Data Integrity, Privacy and Interoperability at DHS Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security
9:00am
Code of Principles for the Acceptable Use of Biometric Technology Purposes Paul Rosenzweig, Senior Research Fellow, Heritage Foundation, and Adjunct Professor, George Mason University
9:30am
Privacy Perspectives on Travel Document Standards Neville Pattinson, Director of Business Development, Technology and Government Affairs, Axalto Americas
9:40am
ICAO Standards for Biometrics and Contactless Passports: A Privacy Perspective Barry Steinhardt, Director, Technology and Liberty Program, American Civil Liberties Union
10:00am - 11:00am
General Session: Welcome and State of the Industry Ben L. Miller, Conference chair
Keynote: Checking ID: Anonymity as the Default David Weinberger, Fellow, Harvard Berkman Center, Founder, Evident Marketing, and Author of Small Pieces Loosely Joined
11:00am - 1:30pm
Visit the Expo Hall / Lunch Break (Lunch Served from 12:00pm-1:30pm)
1:30pm - 4:30pm
Attendees may choose to attend one of three tracks offered during this time.
Models of Federated ID and Web Services (Enterprise Identity Management Track) We live in a networked era of business collaboration and on-demand transactions. Web-enabled applications are the engine of growth and we have only scratched the surface of where they will take us. Already, the need for portable digital identities is playing catch up.
A variety of organizations are working, often on different levels, to make digital credentials portable across autonomous policy domains. This session will provide insight into the technical specifications, business processes and governance structures of the leading efforts in federated ID including Liberty Alliance, Microsoft Active Directory Federation Service, Passport, Shibboleth, Electronic Authentication Partnership and more.
Moderator: Jim Lewis, Senior Fellow and Director, Technology Policy, Center for Strategic and International Studies
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
1:30pm
Understanding Variations in Federated ID Models Linda Elliott, President, PingID Network
2:00pm
Microsoft’s Approach to Identity Management from ADFS to Web SSO Khaja Ahmed, CTO, MS Passport, Microsoft
The Electronic Authentication Partnership: Business Processes, Governance and Compliance David Temoshok, Director, Identity Policy and Management, General Services Administration, Office of Governmentwide Policy, GSA
4:00pm
InCommon: A Shibboleth-based Research & Education Federation Ken Klingenstein, Director, Middleware Initiative, Internet2
ID in DoD (Government ID Applications Track) Identification management is a very important concept within the Department of Defense. With its multi-function Common Access Card (CAC) smart card fully deployed, DoD is keeping its pace up by adding pioneering features including biometrics, cross credentialing and digital ID management.
As a case study, DoD shows how careful planning and adherence to standards can create a robust system capable of migration to new features and functions. The session will also detail DoD's experiences with CAs, PKI, and electronic photo ID.
Moderator: Michael Mestrovich, President & CEO, Unlimited New Dimensions, LLC
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
1:30pm
DoD's Solution Set for Personal Identity Protection Mary Dixon, Director, Access Card Office, Defense Manpower Data Center
2:00pm
Personal Identity Protection: Broadening the Identity Range beyond the Common Access Card Lynne Prince, Deputy Division Chief of the Authentication & Access Program Development Division, Defense Manpower Data Center
2:30pm
Integrating Biometrics with the CAC Card Bill Boggess, Chief of the Access & Authentication Technology Division - Defense Manpower Data Center
3:00pm - 3:30pm
Refreshment Break in the Expo Hall
3:30pm
Panel Discussion: Cross Credentialing: On the Fast Track at DoD Mike Mestrovich, President & CEO, Unlimited New Dimensions, LLC Jim McCollough, Senior Principal, SRA International, Inc. Katherine M. Hollis, Director Security and Privacy Professional Services, Electronic Data Systems Ralph Billeri, Senior Manager, DCIS, BearingPoint William Gravell, Director, Identity Management, Federal Enterprise Solutions, Northrop Grumman Information Technology
ID Databases and Proofing (Technologies and Policies Track) In a perfect world maybe there would be no reason to have databases containing information about individuals, but we do not live in a perfect world. People have human traits and sometimes those traits warrant that some privilege or access be denied. It may be a loan, a job, access to sensitive information, or an airline boarding pass. The fact is that identification is about trust and establishing that trust is job #1.
Most often we are simply proving that someone has the character and characteristics that they claim. The experts in this session will discuss how ID databases of financial history, criminal records and the like, are used to establish trust and how they plan to ensure that such information is not abused. Advanced topics such a predictive modeling and integration with enterprise systems will also be discussed.
Moderator: Maureen Loftus, Vice President, True ID/Authentication Solutions, ChoicePoint, Inc.
IN-DEPTH SESSIONS WITHIN THIS SEMINAR INCLUDE:
1:30pm
Introductions
1:40pm
Complying with the U.S. Patriot Act: Know Who You Are Doing Business With Tom Regan, Executive Director for Privacy & Regulatory Affairs, LexisNexis
2:05pm
The Power of Positive Verification
Studies have shown that positive verification of identifying information provides much more predictive results than relying on negative databases. At the same time, negative databases provide good information about the quality of customer the financial institution is acquiring. This session will share the PPS vision for the future of new relationship authentication which combines both elements in to one single, powerful solution. Robin Love, Senior Product Manager, Primary Payment Systems
2:35pm
Advanced Systems for Detecting and Reducing Identity Fraud Ted Crooks, Vice President, ID Fraud Solutions, Fair Isaac Corporation
3:00pm - 3:30pm
Refreshment Break in the Expo Hall
3:30pm
Finding Fraud By Seeking What's Normal
Because fraudsters have mastered how to stay ahead of detection, the only way to find them is to stop looking for them. Creditors can't rely solely on traditional methods that look for fraud; they must add a layer of technology and process to predict the likelihood of fraud by understanding what's normal. Today, the most effective approach to fraud detection is to establish what normal behavior patterns look like, such that anomalies to the pattern signal fraud. Allen Jost, Chief Technology Officer, ID Analytics, Inc.
4:00pm
The Privacy Implications of Data Proofing Jennifer Barrett, Chief Privacy Officer, Acxiom Corporation
For information or complete details on exhibiting or any sponsorship opportunity, please contact: Elaine Mershon, Director of Sales, at emershon@jupitermedia.com or at (508) 533-4995.
Registration questions please contact:
Our Registration Department at registration@jupitermedia.com or (203) 662-2857.
