Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in the day-to-day business and preparations during non-emergency periods. However, these advantages can be limited if unnecessary or complex authentication requirements stand in the way of an official providing emergency services, especially when any delay – even seconds – is a matter of containing or exacerbating an emergency situation. The vast diversity of public safety personnel, missions, and operational environments magnifies the need for a nimble authentication solution for public safety. This project will explore various multifactor authenticators currently in use, or potentially offered in the future, by the public safety community as their next generation networks are brought online. The effort will not only build an interoperable solution that can accept various authenticators to speed access to online systems while maintaining an appropriate amount of security, but the project will also focus on delivering single sign-on (SSO) capabilities to both native and web/browser-based apps. It is not enough to have an authenticator that is easy to use; this project sets out to identify technical options for the public safety community to consider deploying to ensure individuals in the field are not kept from meeting their mission goals by unnecessary authentication prompts. This project will result in a freely available NIST Cybersecurity Practice Guide, detailing the technical decisions, trade-offs, lessons-learned, and build instructions, based on market-dominant standards, such that public safety organizations can accelerate the deployment of a range of mobile authentication and SSO services to their population of users.
- US Carriers Partner on a Better Mobile Authentication System Digest Article
- Data Privacy Day – Consumer Resources Information Page
- Thousands of Mobile Apps Leak Data from Firebase Databases Digest Article
- DISA Modernizes SIPRNet Delivery, Increases Mission Partner Savings Digest Article
- DHS S&T Awards $640K to the Critical Infrastructure Resilience Institute for Supply Chain Cyber-Threats Research Digest Article