Date Published: July 2016
Comments Due:
Email Questions to:
Author(s)
Paul Grassi (NIST), William Fisher (NIST)
Announcement
The National Cybersecurity Center of Excellence (NCCoE) has posted a draft Project Description on the topic of Mobile Application Single Sign-On: for Public Safety and First Responders.
On-demand access to public safety data is critical to ensuring that public safety and first responder (PSFR) personnel can deliver the proper care and support during an emergency. This requirement necessitates that PSFR personnel rely heavily on mobile platforms while in the field, which may be used to access sensitive information such as personally identifiable information, law enforcement sensitive information, or protected health information. The vast diversity of public safety personnel, missions, and operational environments presents unique challenges to implementing efficient and secure authentication mechanisms in order to protect access to this sensitive information.
This project seeks to demonstrate a reference design for multifactor authentication and mobile single sign-on for native and web applications, while improving interoperability between mobile platforms, applications, and identity providers irrespective of the application development platform used in their construction. Ultimately, this project and its example solution aims to help PSFR personnel efficiently and securely gain access to mission data via mobile devices and applications.
Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in the day-to-day business and preparations during non-emergency periods. However, these advantages can be limited if unnecessary or complex authentication requirements stand in the way of an official providing emergency services, especially when any delay – even seconds – is a matter of containing or exacerbating an emergency situation. The vast diversity of public safety personnel, missions, and operational environments magnifies the need for a nimble authentication solution for public safety. This project will explore various multifactor authenticators currently in use, or potentially offered in the future, by the public safety community as their next generation networks are brought online. The effort will not only build an interoperable solution that can accept various authenticators to speed access to online systems while maintaining an appropriate amount of security, but the project will also focus on delivering single sign-on (SSO) capabilities to both native and web/browser-based apps. It is not enough to have an authenticator that is easy to use; this project sets out to identify technical options for the public safety community to consider deploying to ensure individuals in the field are not kept from meeting their mission goals by unnecessary authentication prompts. This project will result in a freely available NIST Cybersecurity Practice Guide, detailing the technical decisions, trade-offs, lessons-learned, and build instructions, based on market-dominant standards, such that public safety organizations can accelerate the deployment of a range of mobile authentication and SSO services to their population of users.
Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in the day-to-day business and preparations during non-emergency...
See full abstract
Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in the day-to-day business and preparations during non-emergency periods. However, these advantages can be limited if unnecessary or complex authentication requirements stand in the way of an official providing emergency services, especially when any delay – even seconds – is a matter of containing or exacerbating an emergency situation. The vast diversity of public safety personnel, missions, and operational environments magnifies the need for a nimble authentication solution for public safety. This project will explore various multifactor authenticators currently in use, or potentially offered in the future, by the public safety community as their next generation networks are brought online. The effort will not only build an interoperable solution that can accept various authenticators to speed access to online systems while maintaining an appropriate amount of security, but the project will also focus on delivering single sign-on (SSO) capabilities to both native and web/browser-based apps. It is not enough to have an authenticator that is easy to use; this project sets out to identify technical options for the public safety community to consider deploying to ensure individuals in the field are not kept from meeting their mission goals by unnecessary authentication prompts. This project will result in a freely available NIST Cybersecurity Practice Guide, detailing the technical decisions, trade-offs, lessons-learned, and build instructions, based on market-dominant standards, such that public safety organizations can accelerate the deployment of a range of mobile authentication and SSO services to their population of users.
Hide full abstract
Keywords
first responder; mobile authentication; multifactor authentication; native applications; public safety; single sign-on; SSO; biometric; authentication
Control Families
Access Control; Identification and Authentication