
ICAM On-the-Fly


DESCRIPTION: The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T)
Project Responder 5 Report identified key capabilities to help first responders be more effective
in their mission. Among the findings was the need to securely share information, validate
responders from other organizations, and securely maintain records. These challenges only increase
as responders rely on more data. There is a critical need for responders to securely validate users
and share information. Identity, Credential, & Access Management (ICAM) principles can mitigate
these challenges.

ICAM is a framework of policies built into an organization’s IT infrastructure that allows system
owners to have assurance that the right person is accessing the right information at the right time
for the right reason. First responders need to safely and securely share information between
jurisdictions, but first responder organizations do not currently have federations set up to aid in
information sharing. Instead, during multi-jurisdictional responses, organizations might be forced
to manually provision an un-vetted new user or take days to vet a new user's identity and
certificates. Lead agencies require quick and secure solutions to vet identities and credentials in
real time as well as auto-provision users into information sharing applications. ICAM On-the-Fly
would allow new users to show up to assist in a public safety event, bringing their own credential,
their own device and the role they are to provide during the event.

Fundamentally, ICAM On-The-Fly must:

•    Perform Quick Identity Proofing (e.g. validate that the user is who they say they are);

•    Validate applicable certifications and attributes required to access the information to be
shared (e.g. EMT Certified, sworn law enforcement);

•    Automatically Provision (register) New Users;

•    Be built using open standards to preserve interoperability;

•    Be cross platform (iOS/Android) compatible; and

•    Recognize a broad array of credential attributes in diverse environments (i.e. multiple types
of LDAP, Active Directory, etc.)

