Date Published: June 2021
Comments Due:
Email Questions to:
Author(s)
William Fisher (NIST), Christopher Brown (MITRE), Mark Russell (MITRE), Sudhi Umarji (MITRE), Karen Scarfone (Scarfone Cybersecurity)
Announcement
Identity as a service (IDaaS) is when a company offers identity, credential, and access management (ICAM) services to customers through a software-as-a-service (SaaS) cloud-service model. Public safety organizations (PSOs) could potentially reduce costs and adopt new standards and authenticators more easily by using IDaaS to provide authentication services for their own applications. This would allow PSOs to offload some or most of their authentication responsibilities to the IDaaS provider.
This report informs PSOs about IDaaS and how they can benefit from it. It also lists questions that PSOs can ask IDaaS providers when evaluating their services to ensure the PSOs’ authentication needs are met and the risk associated with authentication is mitigated properly. PSOs considering IDaaS usage are encouraged to use this NISTIR. This report was developed in joint partnership between the National Cybersecurity Center of Excellence (NCCoE) and the Public Safety Communications Research Division (PSCR) at NIST.
NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
On-demand access to public safety data is critical to ensuring that public safety and first responder (PSFR) personnel can protect life and property during an emergency. The increasing use of cloud technologies can improve data access but also causes authentication challenges. The objective of this report is to inform public safety organizations (PSOs) about identity as a service (IDaaS) and how they can benefit from using it. This report also lists questions that PSOs can ask IDaaS providers when evaluating their services to ensure that the PSOs’ authentication needs are met and the risk associated with authentication is mitigated properly. This report was developed in joint partnership between the National Cybersecurity Center of Excellence (NCCoE) and the Public Safety Communications Research (PSCR) Division at NIST.
On-demand access to public safety data is critical to ensuring that public safety and first responder (PSFR) personnel can protect life and property during an emergency. The increasing use of cloud technologies can improve data access but also causes authentication challenges. The objective of this...
See full abstract
On-demand access to public safety data is critical to ensuring that public safety and first responder (PSFR) personnel can protect life and property during an emergency. The increasing use of cloud technologies can improve data access but also causes authentication challenges. The objective of this report is to inform public safety organizations (PSOs) about identity as a service (IDaaS) and how they can benefit from using it. This report also lists questions that PSOs can ask IDaaS providers when evaluating their services to ensure that the PSOs’ authentication needs are met and the risk associated with authentication is mitigated properly. This report was developed in joint partnership between the National Cybersecurity Center of Excellence (NCCoE) and the Public Safety Communications Research (PSCR) Division at NIST.
Hide full abstract
Keywords
authentication; identity, credential, and access management (ICAM); identity as a service (IDaaS); multifactor authentication; public safety and first responders; public safety organization (PSO)
Control Families
None selected
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
