Identity and Access Management (IAM)

SWIM is providing a digital certificate service that issues and validates digital certificates to positively identify NAS systems and applications when they share information. Although implemented by SWIM, the IAM infrastructure can be leveraged by any NAS system on the OPIP network.

Objectives of Identity and Access Management (IAM)

  • Reduce cyber vulnerabilities associated with older methods of authentication
  • Meet new FAA security policy for authentication
  • Provide a NAS Public Key Infrastructure (PKI) as part of the Federal PKI Trust Framework to support secure communications within NAS, and between NAS and external partners
  • Create digital identities and credentials for NAS systems and applications

Identity and Access Management (IAM) Capabilities

  • Issue X.509 PKI certificates from a Federally trusted Certificate Authority (U.S. Common Policy Compliant)
  • Certificate Revocation ability
  • Certificate Validation Service
  • Provide Secure Tokens to support Security Assertion Markup Language (SAML) for exchanging authentication and authorization information
  • Access Control capability using an attribute directory (FY20)

Last updated: Friday, April 21, 2023