Identity, Credentials and Access Management (ICAM)
WHAT IS ICAM? The essence of ICAM is access control. The access portal can be a door to a building, a device and/or an information system. Therefore, the management of identities, credentials and access rights is the essence of the convergence of information technology and security management. ICAM is the management framework.
The current state of personal and organizational interoperability relies on the sound principles of ICAM. The foundation of ICAM is “TRUST.” Trust begins with an identity and its unique attributes. Individuals have one identity that can and will be asserted within facility and logical access systems based on the rights and privileges given to the identity. The US Department of Defense (DoD) has reduced by 46% unauthorized access to systems upon implementing an authentication-based access control program. DoD uses the Common Access Card (CAC) to facilitate authentication before access is given to a portal.
The facilitator of this assertion is the credential. The identity is bound to a “TRUSTED” unique certificate that is hosted by a smart card, cell phone or computer. This certificate or an encrypted key is used to facilitate authentication for that identity to be given access to a portal.
WHY IS ICAM IMPORTANT? Identity, Credentialing and Access Management architecture provides Federal, State, Local, Tribal Agencies and industry with a consistent approach for managing the vetting and credentialing of individuals requiring access to information systems and facilities.
HOW CAN I LEARN MORE? The Critical Infrastructures and Cyber Protection Center offers three short courses tailored for executives, managers and practitioners. These courses are designed to provide an understanding of the ICAM management framework so that organizations and federal agencies can implement and manage processes and technologies that enable both the physical and logical access control.
ICAM EXECUTIVE SUMMARY – One Hour
Key discussion areas include: ICAM Overview, Requirements Determination, and Program Implementation.
ICAM INTRODUCTION – PART A - Six Hours
Key discussion areas include: ICAM Roadmap Overview; ICAM Segment Architecture; Initiative Summary; Budget and Strategic Planning
ICAM INTRODUCTION – PART B – Six Hours
Key discussion areas include: Summary Review of Part A; Program Management; Convergence; Federation: Maturity Model; Modernization of the Logical and Physical Access Control System
For the schedule of classes and to register, click here.
Participants will need to have access to a copy of the following documents during the instruction.