ad-assurance - [AD-Assurance] Microsoft Strategy / FICAM / Kantara
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: "Capehart,Jeffrey D" <>
- To: "" <>
- Subject: [AD-Assurance] Microsoft Strategy / FICAM / Kantara
- Date: Mon, 6 May 2013 21:35:25 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
|
On the question “Does Microsoft have a strategy for supporting compliance
with the Federal Identity, Credential, and Access Management (FICAM) requirements at LoA-2? If so, what is the time frame?” Note that Microsoft is a partner with Kantara, and that AD-FS was listed as the Microsoft technology adopted that passed “IdP Lite” level Presumably they passed based on the Common Criteria EAL4 done for Windows Vista and Server 2008? Perhaps the question to ask is how does AD-FS and AD-DS meet the SP 800-63 approved algorithm requirement for stored authentication secrets, and other aspects
per our gaps table? When I looked at the documents, it seemed as if there was a reliance on AD-DS by AD-FS. And the Common Criteria specs excluded the one piece that would have
tested 4.2.3.6 as “not applicable”. Not to mention the many references to assumptions that were made for the EAL4 evaluation… However, the main point is that Microsoft should already be familiar with the Kantara Initiative, so perhaps that is the way to go since many of the same requirements
are present due to FICAM profile approval. Jeff |
- [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/06/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/06/2013
- RE: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/06/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/07/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Ann West, 05/07/2013
- RE: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/07/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/07/2013
- RE: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/08/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Ann West, 05/08/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/08/2013
- RE: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/08/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/07/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/07/2013
- RE: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, Capehart,Jeffrey D, 05/06/2013
- Re: [AD-Assurance] Microsoft Strategy / FICAM / Kantara, David Walker, 05/06/2013
Archive powered by MHonArc 2.6.16.