Location-based service for Federal Identity, Credential & Access
Small Business Information
250 STATE ST, Unit G-1, NORTH HAVEN, CT, 06473
AbstractQueralt LLC is developing a location-based service that increases security and scalability of access control for logical systems, by providing geospatial coordinates as attributes of policy decision requests using RFID & GPS sensor data. Government agencies temporarily share access to their logical systems, often during critical times (e.g. emergency events) but must do so in a way that protects both against system misuse and privacy concerns. Queralt`s service is based on open ratified standards that facilitate scalable interoperability between agencies. This service protects against system misuse by increasing the security options of policy creators, to include location-based attributes. During Phase II, Queralt will deliver an end-to-end Identification Management (IdM) prototype which gathers location of the person requesting access to the logical system, and formulates a request from the enforcement point to the decision point, with appended user location coordinates. Queralt will develop and test market a Policy Enforcement Point, and location-based service which can be deployed and seamlessly coexist with current solutions in a Federated Identity Management system. Anticipated Benefits: The ability to use location in IdM will enable DHS, and customer agencies, to implement more rapid and secure information sharing protocol. The use of policies that reason with geographical boundaries of events and user locations drastically reduce the time required to setup secure sharing of sensitive information across agencies during critical events, something that will increase the effectiveness of rapid response operations. It will do so through an automated decision making process that requires less human resources, hence less costs, while enforcing more secure policies that check both user credentials and physical presence in the area of a rapid response operation before granting access to sensitive logical resources, hence less risk of system misuse.
* information listed above is at the time of submission.