Identity Management Architecture Design by gxi20505

Identity Management Reference Architecture
Defining a reference enterprise architecture for Federal identity management

Identity Management Architecture Team
Greg Black, James Ryan, Paul Kavitz

March 2008

Agenda
•  Introductions
•  Present the Practicum
•  Recommendations & Lessons Learned

Team Members
•  Greg Black, Paul Kavitz, Jay Ryan
•  Recognizing culture as a leading risk factor, the IDM team sought out areas of
   personal growth that added value toward an overall problem statement.
•  Experience, both professional and personal, was contributed by each member
   through their work ethics and desire to embrace and employ enterprise
   architecture.
•  Capitalized on individualism, experience, education, and leadership to provide
   perspectives.
•  Diverse backgrounds and individual work ethics of each team member helped
   create a rich, cohesive approach to gap analysis and problem solving.

[Photo captions: Paul Kavitz, MSP; Jay Ryan, IDM & PKI Consultancy; Greg Black, Government]

Executive Summary

Audience
 •  Government policy and decision makers concerned with the Federal
    Enterprise Architecture (FEA) and Identity Management (IDM)
    architectures
Motivation and Intent
 •  To define an extension to the FEA Framework that facilitates
    alignment of agency identity management architectures and
    improves benefits case realization.
Structure and Scope
 •  This presents a reference architecture designed to provide a
    standard pattern baseline for identity management architecture
    implementations government wide.
 •  The core components are scoping and contextual artifacts common
    to identity management architectures
 •  The summary also includes architecture governance, transition,
    communication, and maintenance plans.

What do we mean by IDM Reference Architecture?




What is the business scenario that grounds this effort?




Reference Enterprise Architecture Scope
Mapped to Deliverables – Assignment Scope

[Figure: "THE ENTERPRISE" framework grid with the deliverables overlaid on the cells they address. Legend: Context, Data, Process, Performance, Network.]

Columns:
  WHAT = Inventory   HOW = Process   WHERE = Network   WHO = Organization   WHEN = Timing   WHY = Motivation

Rows:
  Perspective   Audience            Model type (per column)   Cell labels (per column)
  SCOPE         Strategists         Identification            Inventory Types, Process Types, Network Types, Organization Types, Timing Types, Motivation Types
  BUSINESS      Executive Leaders   Definition                Business Entity/Relationship, Transform/Input, Location/Connection, Role/Work, Cycle/Moment, End/Means
  SYSTEM        Designers           Representation            System Entity/Relationship, Transform/Input, Location/Connection, Role/Work, Cycle/Moment, End/Means
  TECHNOLOGY    Engineers           Specification             Technology Entity/Relationship, Transform/Input, Location/Connection, Role/Work, Cycle/Moment, End/Means
  COMPONENT     Technicians         Configuration             Component Entity/Relationship, Transform/Input, Location/Connection, Role/Work, Cycle/Moment, End/Means
  OPERATIONS    Workers             Instantiation             Operations Entity/Relationship, Transform/Input, Location/Connection, Role/Work, Cycle/Moment, End/Means

Deliverables mapped to cells:
  Row        WHAT              HOW                        WHERE                       WHO    WHEN         WHY
  SCOPE      Dictionary, BNC   Missions, L of S           Mission Distribution, Map   BNC    Event List   Problem Def., Guidance, Indicators Inventory
  BUSINESS   CDM               Business Concept Graphic   -                           -      -            Line of Sight
  SYSTEM     -                 AFM                        -                           -      -            -

Identity Management Reference Architecture
Artifact Inventory

Short Name            Deliverable Name                      Description
Problem Def.          Architectural Problem Statement       Complete statement of purpose of the Identity Management Reference Architecture.
Guidance              Guidance summary                      A summary list of relevant directives, regulation, and guidance constraining the
                                                            implementation of personal identity verification.
Dictionary            Integrated Data Dictionary            An inventory of data types that define the scope of personal identity verification.
Event List            Operational Information Cycles        A composite artifact showing the relationship of [reference] business cycles to the
                                                            state of information in the Integrated Data Dictionary.
BNC                   Business Node Connectivity Model      Scoping artifact showing the information relationships between organizations
                                                            collaborating on the implementation of Personal Identity Verification.
CDM                   Concept Data Model                    Conceptual Data Model using Object Relational Modeling conventions to describe the
                                                            semantic relationships of the primary data entities pertaining to identity management.
AFM                   Activity Flow Model                   Design artifact using IDEF0 describing an example (model) process implementation of
                                                            Personal Identity Verification in the adjacent suprasystem of processes necessary to
                                                            operate this function. Framed by the Federal Enterprise Architecture Service
                                                            Component Reference Model.
BCG                   Business Concept Graphic              Graphic describing multiple functional relationships between processes and business
                                                            missions related to personal identity verification.
Missions              Related Federal Missions              A list of missions and supporting business functions, framed by the FEA Business
                                                            Reference Model, that have some role in personal identity verification.
Indicator Inventory   Candidate Performance                 A list of potential measurement indicators across technical, process, and
                      Measurement Indicators                citizen-service measurement areas relevant to assessing performance of personal
                                                            identity verification.
Line of Sight         Line of Sight Example                 Example artifact demonstrating application of a set of performance measurement
                                                            indicators across a specific service component relevant to personal identity
                                                            verification.
Map                   Geographic Distribution of Network    A global map identifying different types of countries with shared high-level
                      Types                                 characteristics relevant to the implementation of personal identity verification.
Mission Distribution  Organizational Mission Distribution   Composite artifact integrating Organization (Agency), Network (Geography) and
                                                            Process (Business Sub-function missions) relevant to assessing scope for personal
                                                            identity verification.

[Legend: Context, Data, Process, Performance, Network]

Appendix A: Artifact Summary
Identity Management Reference Architecture

Architecture Problem Statement

Core Problem Statement
 A  •  Define a Reference Architecture that aligns the motivations and objectives of the
       acquirers and providers of credentialing systems in the US Federal Enterprise (see
       table below)

Extended Problem Statement
 B  •  Interpret the ‘US Federal Enterprise’ above and shared objective #1 below in terms
       of the public-private interactions required to fulfill the homeland security mission
       objectives predicated by credentialing requirements.

[Figure: enterprise context diagram with markers A and B. Labels: Market System (Commercial Sector operators driven primarily by investor priorities); Market Policy (Market Interventions); Identity Management Reference Architecture; Federal Policy; Operational Policy (Government-wide policy); Industry-specific Policy (Industry Regulation); US Federal Enterprise (FEAF); US Defense Enterprise (DODAF); IT MSP Enterprise (IT MSP EA); Critical Sector (Industry EA); Critical Sector (e.g. Electricity EA); Critical Sector (e.g. Transportation EA); Critical Sector (e.g. Defense-Industrial Base EA)]

Objectives table (marked A):

 #   IT MSP Enterprise Objective                Federal Enterprise Objective                      Primary artifacts
 1   What is the total addressable market in    Where can identity management be reused across    Missions, Line of Sight,
     the US government for identity             government?                                       Mission Distribution
     management?
 2   What are the cross-sell opportunities      What is the integrated suprasystem surrounding    Dictionary, Event List,
     for a credentialing solution?              a credentialing service required to realize       BNC, AFM, BCG, Map
                                                the projected benefits?
 3   What is the market value proposition       What are the citizen-centric benefits and         Indicator Inventory, Line
     for the identity management solution?      performance measures for identity management      of Sight
                                                investments? (eGovernment)

Business Concept Graphic

[Figure: Business Concept Graphic. Recoverable labels:
  •  IDM Reference Architecture; IDM Reference Architecture can be used by Agencies; IDM Reference Architecture can be used by Critical Sectors
  •  Credential Standards Defined by HSPD-12 and FIPS201
  •  Identity; Credentialing; Managed Service; Management; Credential
  •  Invalid Person; Valid Person; Logical Access; Physical Access
  •  Agencies accountable for only their own critical IT & facilities
  •  Agencies accountable for their own and external critical infrastructure sectors
  •  Information Technology & Communications Sectors; Facilities Sector
  •  Critical Infrastructure Sectors (from HSPD-7 and NIPP): Defense-Industrial Base, Banking & Finance, Oil & Gas, Food, Nuclear, Transportation, Electricity]

Guidance Map




Federal Missions Related to Identity Management




Business Node Connectivity Model

[Figure: Business Node Connectivity Model diagram. Callouts:]
•  Collaboration is INTENSE
•  Key “Virtual” Node is often Hiring Managers
•  Often Forgotten Nodes: Help Desk; Information & Technology Mgmt; Contractor Sponsors
•  Agencies have NOT outsourced IDM in total
•  BI Largely Outsourced
•  Credential Mfg. Largely Outsourced

Activity Flow Model




Operational Event List

Bullet Proofing the Identity Management Capability
•  Event Handling
•  Event Linkage

[Figure: Identity Management Operational Events, broken down into:]
•  Identity On/Off Boarding Events
•  Identity Change Events
•  Credential Management Events
•  Infrastructure Management Events

Conceptual Data Model

Artifact Summary
 •  Provides semantic information
     relationships for business
     stakeholder communications
 •  Key entities include person,
     credential, permission, portal, and
     assets (information, system, and
     physical)
Artifact Alignment
 •  Information entities support the
     Activity Flow Model
 •  Entities defined in the Dictionary
Artifact Use
 •  Used to bridge CIO Council Data
     Sub-committee and Universal Core
     efforts with logical data models in
     reference agencies.



Integrated Data Dictionary – Subset Snapshot
Artifact Summary
 •  Defines key terms used in architecture, primarily at scoping perspective
Artifact Alignment
 •  Dictionary to Business Node Connectivity (BNC)
     All business nodes (organization) and need lines (data) displayed in the BNC are defined.
 •  Dictionary to Activity Flow Model (AFM)
     All processes, inputs, and outputs displayed in the AFM are defined.
 •  Dictionary to Conceptual Data Model (CDM)
     All semantic data objects displayed in the CDM are defined.
 •  Dictionary to the Related Federal Missions
     All business reference model topics that are in scope of the assignment are defined.
Artifact Use
 •  Should be used to understand terms used within the IDM-RA
 •  This artifact seeks alignment with other governmental data definition workgroups, and
     should be maintained as standard federal information definitions evolve.
 •  Architects using this reference architecture to define identity management implementations
     can use this dictionary as one source of standard definitions for identity-related
     information.

Artifact                Term                    Definition

Activity Flow Model     Person                  A person is a human that has a context within the enterprise which requires
Conceptual Data Model                           access to digital or physical assets.
BNC Model

Conceptual Data Model   Clearance               A label or set of labels about a Person that identifies a level of trust in that
                                                Person

Activity Flow Model     Position                The job description (e.g. title, manager/staff, organization) describing an
Conceptual Data Model                           expected set of behaviors and corresponding activities and rights for a
                                                person

Conceptual Data Model   Gender                  Sex of the person

Conceptual Data Model   Name                    Legal labeling of person based on birth record or other legal assignment.

Conceptual Data Model   Birth                   The act of being born or establishing an existence.

Conceptual Data Model   Birthplace              The location where a person is born usually identified as city and state or
                                                geospatial key number.

Conceptual Data Model   Party                   A collection of persons or other parties that share a common goal or interest.
                                                This would cover collections that are inside or outside the enterprise and that
                                                are persistent or temporary.

Activity Flow Model     Credential              A physical or logical token representing the identity of a person.
Conceptual Data Model
BNC Model

Activity Flow Model     Certificate             A structured set of information uniquely authenticating a person.
Conceptual Data Model
BNC Model

Conceptual Data Model   Facility                A physical asset that is temporarily or permanently immobile physical
                                                structure encompassing a physical space which can be occupied by human
                                                beings

Conceptual Data Model   Jurisdiction            The legal context and authority governing activity in a physical space.

Conceptual Data Model   Compound                A collection of one or more facilities with a common perimeter serving some
                                                shared purpose

Conceptual Data Model   Boundary                A physical perimeter bounding a space

Activity Flow Model     Control                 The physical and logical controls governing human passage across a portal.
Conceptual Data Model

Conceptual Data Model   Portal Audit            The survey conducted by a human being assessing the access controls of a
                                                portal.

Conceptual Data Model   Portal Audit Findings   The discrete, individual representations of an auditor's survey of the state of a
                                                portal's access controls.

Activity Flow Model     Portal                  An access control point where human beings are able to cross a physical or
Conceptual Data Model                           logical boundary

Distribution of Organization Mission




[Figure: map. Legend: Country Birth Registration Rate: 90% or greater, 70-89%, 50-69%, 30-49%, <30%, No Birth Registration System]




Distribution of Network Types




[Figure: map. Legend: Country Birth Registration Rate: 90% or greater, 70-89%, 50-69%, 30-49%, <30%, No Birth Registration System]




Candidate Performance Measurement Indicators




Line of Sight Example




Next Steps & Key Observations

Next Steps
 •  Find a way to ensure Managed Service Providers (MSPs) are aligned to this
     reference model
 •  The National Infrastructure Protection Plan (NIPP) is managed through a
     collection of committees. This committee structure, with the Critical
     Infrastructure Partnership Advisory Council (CIPAC) at its apex, could be
     adapted to form the governance for cross-industry alignment
 •  This reference architecture could be extended to include a reference
     transition plan for an implementing agency. This might describe means by
     which agencies would prioritize and group identity management
     improvements.

Key Observations
 •  Identity document verification challenges overseas
 •  Federal data architecture activities
 •  U.S. missions overseas
 •  Activity Flow Model responsibility
 •  Need to “fill the gap” beyond what the FEA profile provides
 •  Relationship between IDM and governmental mission of CIP in
     commercial enterprises




Implementation Strategy
Rollout
Target Architecture
 •  The end state for the IDM-RA is the acceptance and
     standardization of this reference architecture as a
     baseline upon which implementing agencies draw
     to establish their enterprise architectures
     pertaining to identity management.
Socialize with Stakeholders
 •  Socialization of this RA with the target client
     community, specifically the FICC and the leading
     federal credentialing managed services providers.
 •  Identify groups working, including existing groups
     working on standardization of ‘Person’ data types.
FEA Addendum
 •  Extend the FEAF with a new type of reference
     model exemplified by the IDM-RA.
 •  Build upon the current RA primitives with a set of
     composite RAs relevant to a particular government
     imperative and common to multiple agencies.
Establish IDM Reference Architecture Community
 •  Integrate RA into the CPIC process, maintenance of
     a website and possibly a wiki and collaboration
     forums to incorporate best-practice feedback from
     pervasive agency implementations.
 •  This forum and governance would provide the
     means to measure the performance of the IDM-RA
     effort and tune the model and the approach to be
     responsive to community needs and feedback.

[Figure: rollout timeline across Phase 1, Phase 2 and Phase 3, showing Stakeholder Socialization, FEA Addendum, and Reference Architecture Community]

Summary
 1. Progressive diffusion and adoption of this RA as a baseline
     input for each agency’s EA artifacts that pertain to IDM.
     (Referred to as the IDM-RA Transition Strategy.)
 2. The “as-is” and “to-be” target architectures of each agency
     will differ widely, as will their transition plan. Therefore, the
     second level of implementation strategy is the iterative
     transition of each agency’s operational architecture (the
     instantiation of IDM in that agency) in ways that
     progressively improve the benefits case realization and
     ability to interoperate with other agencies’ IDM architectures.
     Each agency is expected to have an “as-is” and “to-be” and
     will define its own contextual transition strategy relevant to
     its priorities and goals. This transition is important, and
     must be governed effectively government-wide to realize the
     overall objectives of IDM.

Implementation Strategy
Assurance
Governance
 •  Governance of the Federal Enterprise-Wide
     Identity Management Capability
 •  Governance of the Agency Identity
     Management Capability
 •  Governance of the Identity Management
     Reference Architecture
Maintenance
 •  Should evolve as the many different agencies
     incorporate it within their specific EA.
 •  Changes should be captured and
     documented, justified on the basis of costs,
     benefits, and risks.
 •  Changes should be processed through
     established change control processes and
     board authority.
 •  The change documentation should
     characterize the problem, solution, and
     alternatives chosen and rejected in light of
     established priorities.
Communications
 •  Create materials describing the scope of the
     EA and the value, benefits, and importance
     of EA and the IDM-RA.
 •  One-page briefing or brochure, key concept
     map, Frequently-Asked Questions (FAQ)
     document, and PowerPoint presentation.
 •  Post on an EA website, SharePoint, Wiki, or
     other collaboration tool.
Performance Management
 •  Performance of an agency in meeting the stated performance indicators
 •  Performance of the reference architecture as a tool to meet the end goal
Capital Planning Integration
 •  Each agency implementing the IDM model designs its own CPIC process for
     structuring budget formulation and execution to ensure that investments
     consistently support strategic goals.
 •  All IT projects should align with the agency mission and support business needs.
     The target architecture and the sequencing plan provide information for the three
     phases of the CPIC process.
Compliance
 •  Compliance will be implemented according to the Federal CIO Council’s EA
     Alignment and Assessment guide (AAG).
 •  Business Performance and Technical Standards will be evaluated



                                             Recommendations and
                                             Lessons Learned


Lessons Learned & Recommendations
•  Choose a Good Topic
      – Domain Expertise
      – Choose a REAL Challenge
      – Get Interests Aligned
•  Handle the Practicum Like a Project
      – Nail the Statement of Work, BCG, and Problem Definition
      – Communication, Collaboration, and Workload Sharing
      – Gold in the professor feedback
•  Leverage Homework Assignments
      – Really understand your assignment scope
      – Really understand your assignment schedule
      – Really confirm your understanding of EA
•  Leverage your Team
      – 80% of what you learn will be cemented by your team
         collaboration

  Reference Enterprise Architecture Scope
  Mapped to Deliverables – Assignment Scope
[Figure: framework grid with assignment deliverable section numbers overlaid on its cells.
 Columns: WHAT (Inventory), HOW (Process), WHERE (Network), WHO (Organization), WHEN (Timing), WHY (Motivation).
 Rows (audience): SCOPE (Strategists), BUSINESS (Executive Leaders), SYSTEM (Designers), TECHNOLOGY (Engineers), COMPONENT (Technicians), OPERATIONS (Workers); the bottom of the grid is labeled THE ENTERPRISE.
 Deliverable numbers shown: SCOPE row: 5.1, 5.2, 5.3, 5.4, 5.5, 5.8, 5.9, 5.10, 5.11, 5.12; BUSINESS row, HOW column: 5.7; SYSTEM row, HOW column: 5.6.
 Legend: Context, Data, Process, Performance, Network.]


                                             Appendix B:
                                             Supporting Detail


5.2 Guidance Summary
 #     Document Title                                         Notes
 6.1   Homeland Security Presidential Directive-12            Designed to increase Government efficiency,      Strategic Directive Level
                                                              reduce identity fraud, and protect personal
                                                              privacy by establishing a mandatory,
                                                              Government-wide standard for secure and
                                                              reliable forms of identification issued by the
                                                              Federal Government to its employees and
                                                              contractors (including contractor employees).
                                                              http://csrc.nist.gov/drivers/documents/
                                                              Presidential-Directive-Hspd-12.html

 6.2   Federal Information Processing Standard (FIPS)         This standard specifies the architecture and     Strategic Directive Level
       201:                                                   technical requirements for a common
       “Personal Identity Verification of Federal Employees   identification standard for Federal employees
       and Contractors”                                       and contractors. Developed to satisfy the
                                                              requirements of HSPD 12, approved by the
                                                              Secretary of Commerce, and issued on
                                                              February 25, 2005.

       Pub. L. 107-347, E-Government Act of 2002.             To enhance the management and promotion          Law Executive/Legislative Level
                                                              of electronic Government services and
                                                              processes by establishing a Federal Chief
                                                              Information Officer within the Office of
                                                              Management and Budget, and by establishing
                                                              a broad framework of measures that require
                                                              using Internet-based information technology
                                                              to enhance citizen access to Government
                                                              information and services, and for other
                                                              purposes.

       Pub. L. 107-347, E-Government Act of 2002, Title       Enacted to streamline—while at the same          Law Executive/Legislative Level
       III, Federal Information Security Management Act       time strengthening—the requirements of its
       (FISMA) of 2002.                                       predecessor, the Government Information
                                                              Security Reform Act (GISRA). FISMA
                                                              compliance is a matter of national security,
                                                              and therefore is scrutinized at the highest
                                                              level of government. Yet FISMA compliance
                                                              presents significant challenges for federal
                                                              agencies, and for any organization that deals
                                                              with federal information.

       Pub. L. 101-576, The Chief Financial Officers (CFO)    Intended to improve the government's             Law Executive/Legislative Level
       Act of 1990                                            financial management, outlining standards of
                                                              financial performance and disclosure. Among
                                                              other measures, the Office of Management
                                                              and Budget (OMB) was given greater
                                                              authority over federal financial management.


5.2 Guidance Summary (cont’d)
 #     Document Title                                        Notes
       President's Management Agenda of 2002                 An aggressive strategy for improving the        Strategic Directive Level
                                                             management of the Federal government. It
                                                             focuses on five areas of management
                                                             weakness across the government where
                                                             improvements and the most progress can be
                                                             made.
       Government Performance and Results Act of 1993.       Seeks to shift the focus of government       Law Executive/Legislative Level
                                                             decision-making and accountability away from
                                                             a preoccupation with the activities that are
                                                             undertaken - such as grants dispensed or
                                                             inspections made - to a focus on the results
                                                             of those activities, such as real gains in
                                                             employability, safety, responsiveness, or
                                                             program quality. Under the Act, agencies are
                                                             to develop multiyear strategic plans, annual
                                                             performance plans, and annual performance
                                                             reports.

       44 U.S.C. 3501, et seq., Paperwork Reduction Act of   Minimize the paperwork burden for              Law Executive/Legislative Level
       1995, Pub. L. 104-13, as amended.                     individuals, small businesses, educational and
                                                             nonprofit institutions, Federal contractors,
                                                             State, local and tribal governments, and other
                                                             persons resulting from the collection of
                                                             information by or for the Federal Government.
       40 U.S.C. 1401, et seq., Chapter 808 of Pub. L.       Provides that the government information         Law Executive/Legislative Level
       104-208, the Clinger-Cohen Act of 1996 [renaming,     technology shop be operated exactly as an
       in pertinent part, the Information Technology         efficient and profitable business would be
       Management Reform Act (ITMRA), Division E of Pub.     operated. Acquisition, planning and
       L. 104-106].                                          management of technology must be treated
                                                             as a "capital investment." While the law is
                                                             complex, all consumers of hardware and
                                                             software in the Department should be aware
                                                             of the Chief Information Officer's leadership in
                                                             implementing this statute.

       OMB Circular No. A-123, Management                    Requires Federal employees to design            Strategic Directive Level
       Accountability and Control, dated June 21, 1995.      management structures that help ensure
                                                             accountability for results, and include
                                                             appropriate, cost-effective controls and
                                                             provides guidance to Federal managers on
                                                             improving the accountability and
                                                             effectiveness of Federal programs and
                                                             operations by establishing, assessing,
                                                             correcting, and reporting on management
                                                             controls.

5.2 Guidance Summary (cont’d)
 #     Document Title                                     Notes
       OMB Circular No. A-130, Appendix III Management    This Circular establishes policy for the            Strategic Directive Level
       of Federal Information Resources dated November    management of Federal information
       28, 2000.                                          resources. OMB includes procedural and
                                                          analytic guidelines for implementing specific
                                                          aspects of these policies as appendices.

       M04-04 Presidential memorandum: E-Authentication   Requires agencies to review new and existing
       Guidance for Federal Agencies                      electronic transactions to ensure that
                                                          authentication processes provide the
                                                          appropriate level of assurance. It establishes
                                                          and describes four levels of identity assurance
                                                          for electronic transactions requiring
                                                          authentication. Assurance levels also provide
                                                          a basis for assessing Credential Service
                                                          Providers (CSPs) on behalf of Federal
                                                          agencies. This document will assist agencies
                                                          in determining their e-government
                                                          authentication needs. Agency business-
                                                          process owners bear the primary
                                                          responsibility to identify assurance levels and
                                                          strategies for providing them. This
                                                          responsibility extends to electronic
                                                          authentication systems.
                                                          http://www.whitehouse.gov/omb/
                                                          memoranda/fy04/m04-04.pdf
       Homeland Security Presidential Directive-7         This directive establishes a national policy for    Strategic Directive Level
                                                          Federal departments and agencies to identify
                                                          and prioritize United States critical
                                                          infrastructure and key resources and to
                                                          protect them from terrorist attacks.

       National Infrastructure Protection Plan            The National Infrastructure Protection Plan         Strategic Directive Level
                                                          (NIPP) and supporting Sector-Specific Plans
                                                          (SSPs) provide a coordinated approach to
                                                          critical infrastructure and key resources
                                                          (CI/KR) protection roles and responsibilities for
                                                          federal, state, local, tribal, and private sector
                                                          security partners. The NIPP sets national
                                                          priorities, goals, and requirements for
                                                          effective distribution of funding and resources
                                                          which will help ensure that our government,
                                                          economy, and public services continue in the
                                                          event of a terrorist attack or other disaster.



Appendix X: Arguments
Clarifications, assumptions, and defense of artifacts
5.5 Business Node Connectivity Diagram
[Figure: Business Node Connectivity Diagram, annotated with three callouts: "From Slide 20, FEAF Architecture Products"; "From Slide 9, Overview of Architecture Views"; "From Slide 19, Overview of Architecture Views"]

Reference Enterprise Architecture Scope
Mapped to Deliverables – Utility of FEA RMs

[Figure: Zachman framework grid ("The Enterprise").
 Columns: WHAT (Inventory), HOW (Process), WHERE (Network), WHO (Organization), WHEN (Timing), WHY (Motivation).
 Rows: Scope (Strategists), Business (Executive Leaders), System (Designers), Technology (Engineers), Component (Technicians), Operations (Workers).
 Deliverable numbers 5.1 through 5.12 and the FEA reference model labels BRM, PRM, and SRM are overlaid on the grid. Deliverable 5.7 sits in the Business row and 5.6 in the System row; the exact cell positions of the other markers are not recoverable from the extracted text.
 Legend: Context, Data, Process, Performance, Network.]

Sector-Specific Agencies and
HSPD-7 Assigned CI/KR Sectors
         Critical Infrastructure Sector                         Sector-Specific Agency
         Agriculture & Food                                     Department of Agriculture (meat, poultry, and egg foods)
                                                                Food and Drug Administration (other foods)
         Defense Industrial Base                                Department of Defense
         Energy (oil, gas, and electric power, not nuclear)     Department of Energy
         Public Health and Healthcare                           Department of Health and Human Services
         National Monuments and Icons                           Department of the Interior
         Banking and Finance                                    Department of the Treasury
         Drinking Water and Water Treatment Systems             Environmental Protection Agency
         Chemical                                               Department of Homeland Security
         Commercial Facilities                                  Department of Homeland Security
         Dams, Locks, and Levees                                Department of Homeland Security
         Emergency Services                                     Department of Homeland Security
         Commercial Nuclear Reactors, Materials, and Waste      Department of Homeland Security
         Information Technology                                 Department of Homeland Security
         Telecommunications                                     Department of Homeland Security
         Postal and Shipping                                    Department of Homeland Security
         Transportation Systems                                 Department of Homeland Security
         Government Facilities                                  Department of Homeland Security


Government/Market framework for
Identity Management Reference Architecture


[Figure labels: Identity Management Reference Architecture; US Federal Enterprise (FEAF); IT MSP Enterprise (IT MSP EA); US Defense Enterprise (DODAF)]




Market System framework for
Identity Management Reference Architecture
[Figure labels:
 Market System (Commercial Sector operators driven primarily by investor priorities);
 Market Policy (Market Interventions): Federal Policy; EA Policy (Government-wide policy); Industry-specific Policy (Industry Regulation);
 Identity Management Reference Architecture;
 US Federal Enterprise (FEAF); US Defense Enterprise (DODAF); IT MSP Enterprise (IT MSP EA);
 Critical Sector (Industry EA); Critical Sector (e.g. Electricity EA); Critical Sector (e.g. Transportation EA); Critical Sector (e.g. Defense-Industrial Base EA);
 relationship markers A and B.]




Identity Management Reference Architecture
Statement of Work

1. Introduction
 •  This project defines a reference enterprise architecture for the personal identity
      verification (PIV) managed service and its surrounding identity management
      suprasystem as guided by Homeland Security Presidential Directive 12 (HSPD-12) and
      Federal Information Processing Standard (FIPS) 201.
2. Background
 •  Homeland Security Presidential Directive-12 (HSPD-12) mandates implementation of
      personal identity verification smart card credentials for all employees and contractors of
      the US Federal government.
 •    The GSA Schedule for HSPD-12 has identified a number of managed service providers
      qualified to deliver credentialing services to agencies required to comply with the
      directive.
 •    Beyond the narrow implementation of this directive, a credentialing service must be
      integrated within the larger Enterprise Architecture of each agency across the Federal
      Government and their facilities distributed across the world.
 •    Furthermore, many Federal missions require that government be able to assure the
      identity of various public communities, including alien visitors and immigrants, operators
      of critical infrastructures (e.g. transportation), etc. These communities all have other means
      of credentialing individuals, regulated by various other non-integrated standards.
 •    With multiple identity management implementations already underway, GSA seeks an
      enterprise architecture as a decision support tool to inform the governance of the
      identity management implementations across government. The intent is to promote
      realization of the anticipated security benefits these credentials afford and to minimize
      the variety of implementations.


3. Scope
 •  This project will define an enterprise reference architecture that places the HSPD-12
    personal identity verification (PIV) credential managed service in the context of the
    broader Federal Enterprise Architecture.
     –  As such, it intends to help GSA, each implementing agency, and the managed service
        providers identify reuse opportunities, improve integration, and realize business
        benefits of common personal identity verification (PIV) services across all of government.
 •  Bounds and magnitudes
     –  The Personal Identity Verification Enterprise Reference Architecture (PIV-ERA) shall
        define multiple architectural perspectives limited to descriptive representations of the
        PIV function and its immediately adjacent systems (the proximate suprasystem). At
        the business and system level, the PIV-ERA shall be a reference model only, and as such
        shall be neutral with regard to any particular agency; however, it will be specific to
        the US Federal Government.
     –  The Zachman Enterprise Architecture Framework v2.01 (Ref. 6.4) serves to further
        clarify the boundary for this SOW (see Fig. 3.1), as follows:
         •  Scoping identification (Zachman Row 1) for Personal Identity Verification shall be
            developed for all focus areas (Inventory, Process, Network, Organization, and
            Motivation).
         •  Business conceptual definitions (Zachman Row 2) for Personal Identity Verification
            shall be developed for the Inventory, Process, and Motivation focus areas. (Cells
            2,1; 2,2; and 2,6).
         •  A reference System Process Representation (Zachman Cell 3,2) shall be developed
            for Personal Identity Verification.
     –  Estimated total effort for development of the PIV-ERA is approximately three people
        over 8 weeks, for a total of about 300 person-hours.


Fig. 3.1 Identity Management Scope
Enterprise View

[Figure: Zachman framework grid ("The Enterprise").
 Columns: WHAT (Inventory), HOW (Process), WHERE (Network), WHO (Organization), WHEN (Timing), WHY (Motivation).
 Rows: Scope (Strategists), Business (Executive Leaders), System (Designers), Technology (Engineers), Component (Technicians), Operations (Workers).]


4. Deliverable Schedule & Dependencies

  Stage                Items                      Artifact type
  Input Documents      SOW, 6.1, 6.2, 6.3, 6.4    Context Artifacts
  Task 1               5.1, 5.2                   Context Artifacts
  Task 2               5.3, 5.4, 5.5              Data Artifacts
  Task 3               5.6, 5.7, 5.8              Process Artifacts
  Task 4               5.9, 5.10                  Performance Artifacts
  Task 5               5.11, 5.12                 Network Artifacts
  Final Presentation

  Milestones: Task Award; Task 1 Signoff; Task 2,3 Signoff; Task 4,5 Signoff; Grades Awarded



