In accordance with NIEF’s philosophy of pushing trust decisions to the edges of the network, NIEF does not prescribe minimum trust requirements for its participants from either a technical perspective or a policy perspective. However, NIEF does provide a comprehensive suite of recommended technical and policy-level guidance based on the type of data that participating organizations are exchanging. NIEF’s guidance is based on three well-known NIST special publications:
- NIST SP 800-60 Volume II: Appendices to Guide for Mapping Types of Information and Information Systems to Security Categories
- NIST SP 800-53 Rev. 4: Security and Privacy Controls for Federal Information Systems and Organizations
- NIST SP 800-63-3: Digital Identity Guidelines
From the list of data categories defined in NIST SP 800-60, we have identified 13 categories that are commonly shared within the public safety community. For each of those data categories, we have defined a set of trust requirement profiles covering all major aspects of information sharing trust. NIEF participants can choose the appropriate requirements profiles based on the data category being shared, as well as the role(s) they are playing in the data sharing relationship.
The following sections introduce the background information you need before your organization can apply and use this implementer guidance.
Table of Contents
- NIEF Public Safety Data Categories
- NIEF Participant Roles
- Types of Requirement Profiles
- NIEF Implementer Guidance Profiles by Data Category
- How to Use This Implementer Guidance
NIEF Public Safety Data Categories
The following table defines each data category from NIST SP 800-60 Volume II for which NIEF publishes implementer guidance. These 13 data categories have been chosen because collectively they represent all of the major types of data shared within the public safety community.
Data Category | Definition |
---|---|
Border and Transportation Security Data | Border and Transportation Security includes facilitating or deterring entry and exit of people, goods, and conveyances at and between U.S. ports of entry, as well as ensuring the security of transportation and infrastructure networks, facilities, vehicles, and personnel within the United States. Border control involves enforcing the laws regulating the admission of foreign-born persons (i.e., aliens) to the United States. This includes patrolling and monitoring borders and deportation of illegal aliens. Some border control information is also associated with other mission information types (e.g., criminal apprehension, and criminal investigation and surveillance information). In such cases, the impact levels of the associated mission information may determine impact levels associated with border control information. Some aspects of ensuring security of transportation and infrastructure networks, facilities, vehicles, and personnel within the United States are also covered under the information types associated with the transportation mission. In some cases the border control information may be classified. Any classified information is treated under separate rules established for national security information. |
Key Asset and Critical Infrastructure Protection Data | Key Asset and Critical Infrastructure Protection involves assessing key asset and critical infrastructure vulnerabilities and taking direct action to mitigate vulnerabilities, enhance security, and ensure continuity and necessary redundancy in government operations and personnel. The Critical Infrastructure Information Protection Act of 2002 (6 U.S.C. 131-134) places specific controls on the dissemination of critical infrastructure information (see Volume I, 3.5.2.3). Under the provisions of Executive Order 13292, some anti-terrorism information is subject to security classification. National security information is outside the scope of this guideline. |
Emergency Response Data | Emergency Response involves the immediate actions taken to respond to a disaster (e.g., wildfire management). These actions include providing mobile telecommunications, operational support, power generation, search and rescue, and medical life saving actions. Impacts to emergency response information and the information systems that process and store emergency response information could result in negative impacts on cross-jurisdictional coordination within the critical emergency services infrastructure and the general effectiveness of organizations tasked with emergency response missions. |
Criminal Apprehension Data | Criminal Apprehension supports activities associated with the tracking and capture of groups or individuals believed to be responsible for committing crimes. |
Criminal Investigation and Surveillance Data | Criminal Investigation and Surveillance includes the collection of evidence required to determine responsibility for a crime and the monitoring and questioning of affected parties. |
Citizen Protection Data | Citizen Protection involves all activities performed to protect the general population of the United States from criminal activity. |
Leadership Protection Data | Leadership Protection involves all activities performed to protect the health and well-being of the president, vice-president, their families, and other high-level government officials. Some leadership protection information may be classified. All classified information is treated under separate rules established for national security information and is outside the scope of this guideline. |
Property Protection Data | Property Protection entails all activities performed to ensure the security of civilian and government property. |
Substance Control Data | Substance Control supports activities associated with the enforcement of legal substances (i.e., alcohol and tobacco) and illegal narcotics laws including trafficking, possession, sale, distribution, and other related activities. |
Crime Prevention Data | Crime Prevention entails all efforts designed to create safer communities through the control and reduction of crime by addressing the causes of crime and reducing the opportunities of crime. |
Trade Law Enforcement Data | Trade Law Enforcement refers to the enforcement of anti-boycott, international loan, and general trade laws. |
Criminal Incarceration Data | Criminal Incarceration includes activities associated with the housing, custody and general care of criminals sentenced to serve time in penitentiaries. |
Criminal Rehabilitation Data | Criminal Rehabilitation includes all government activities devoted to providing convicted criminals with the educational resources and life skills necessary to rejoin society as responsible and contributing members. |
NIEF Participant Roles
The following table defines each role in which a NIEF Information Sharing Participant can participate in an information sharing transaction with an information sharing partner organization.
Participant Role | Definition |
---|---|
Identity Provider Organization (IDPO) | An organization that manages a population of users and enables them to access external resources in NIEF through Single Sign-On (SSO) technologies via an Identity Provider System |
Service Provider Organization (SPO) | An organization that hosts a set of digital data resources and makes them available to external user populations in NIEF through SSO technologies via a Service Provider System |
Identity Provider (IDP) System | A system that implements the Identity Provider role in an SSO protocol transaction |
Service Provider (SP) System | A system that implements the Service Provider (i.e., Relying Party) role in an SSO protocol transaction |
Relying Party (RP) System | Another name for a Service Provider system |
SAML IDP System | A system that implements the Identity Provider role in the Security Assertion Markup Language (SAML) SSO Profile and interfaces with SAML SP systems |
SAML SP System | A system that implements the Service Provider (i.e., Relying Party) role in the Security Assertion Markup Language (SAML) SSO Profile and interfaces with SAML IDP systems |
OIDC OpenID Provider (OP) System | A system that implements the OpenID Provider (OP) (i.e., Identity Provider) role in the OpenID Connect (OIDC) protocol and interfaces with OIDC RP systems |
OIDC RP System | A system that implements the Relying Party (i.e., Service Provider) role in the OpenID Connect (OIDC) protocol and interfaces with OIDC OP systems |
Types of Requirement Profiles
The following table defines each type of requirement profile that NIEF defines within its suite of implementer guidance. Each type of requirement profile covers a specific aspect of technical and/or policy-level requirements that are important for the purpose of achieving trusted, interoperable data exchange. Topics covered by these profiles include on-the-wire protocol conformance, security and privacy policies, identity assurance, and ICAM attributes for asserting key information about users in a data sharing transaction.
Requirement Profile | Definition |
---|---|
ICAM Network Protocol Profile | A profile of requirements for a system that implements a specific role (e.g., Identity Provider or Service Provider) in a specific SSO protocol (e.g., SAML or OIDC) |
Baseline Security Control Profile | A profile of organizational security policy requirements based on the catalog of security controls in Appendix F of NIST SP 800-53 r4, Security and Privacy Controls for Federal Information Systems and Organizations |
Data Privacy Control Profile | A profile of organizational privacy policy requirements pertaining to any personally identifiable information (PII) shared within the payload of a data sharing transaction, based on the catalog of data privacy controls in Appendix J of NIST SP 800-53 r4, Security and Privacy Controls for Federal Information Systems and Organizations |
ICAM Privacy Control Profile | A profile of organizational privacy policy requirements pertaining to PII and other sensitive data shared about a user during an SSO transaction, based on the NIEF Privacy Policy |
Identity Assurance Profile | A profile of organizational identity assurance requirements pertaining to the vetting of end-users, based on NIST SP 800-63-A: Enrollment and Identity Proofing |
Authenticator Assurance Profile | A profile of organizational identity assurance requirements pertaining to the credentialing of end-users, based on NIST SP 800-63-B: Authentication and Lifecycle Management |
Federation Assurance Profile | A profile of organizational identity assurance requirements pertaining to the federated reuse of local identities and credentials for access to external resources via SSO technologies, based on NIST SP 800-63-C: Federation and Assertions |
Attribute Assertion Profile | A profile of organizational identity assurance requirements pertaining to the assertion of commonly understood and rigorously defined attributes about users in federated SSO transactions, based on the attributes defined in the NIEF Attribute Registry |
NIEF Implementer Guidance Profiles by Data Category
Based on all of the data categories defined in the previous sections, the following table shows NIEF’s recommended implementer guidance by data category, participant role, and requirement profile. Each link in the table points to a published Trust Interoperability Profile (TIP) in the NIEF Trust Policy Authoring Tool.
Data Category | ICAM Network Protocol Profile | Baseline Security Control Profile | Data Privacy Control Profile* | ICAM Privacy Control Profile | Identity Assurance Profile | Authenticator Assurance Profile | Federation Assurance Profile | Attribute Assertion Profile | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SAML IDP | SAML SP | OIDC OP | OIDC RP | Minimal | Ideal | IDPO | SPO | IDP | RP | |||||
Border and Transportation Security | link | link | link | link | link | link | link | link | link | link | link | link | link | link |
Key Asset and Critical Infrastructure Protection | link | link | link | link | link | |||||||||
Emergency Response | link | link | link | link | link | |||||||||
Criminal Apprehension | link | link | link | link | link | |||||||||
Criminal Investigation and Surveillance | link | link | link | link | link | |||||||||
Citizen Protection | link | link | link | link | link | |||||||||
Leadership Protection | link | link | link | link | link | |||||||||
Property Protection | link | link | link | link | link | |||||||||
Substance Control | link | link | link | link | link | |||||||||
Crime Prevention | link | link | link | link | link | |||||||||
Trade Law Enforcement | link | link | link | link | link | |||||||||
Criminal Incarceration | link | link | link | link | link | |||||||||
Criminal Rehabilitation | link | link | link | link | link |
* This profile is applicable only when sharing PII.
How to Use This Implementer Guidance
The most straightforward way to use this implementer guidance is to:
- Deploy the necessary trustmark software tools;
- Acquire the necessary trustmarks so that your organization can demonstrate compliance with the appropriate profiles;
- Publish your services and trustmarks in the NIEF Trustmark Binding Registry;
- Publish policies that detail your organization’s trust requirements for its information sharing partners, based on the specific information sharing use cases and categories of data to be shared in those use cases.
Detailed instructions on how to do all of this are beyond the scope of this website; however, you can learn more about how to implement the trustmark framework by visiting the Trustmark Initiative website. You can also reach out to us for help at help@nief.org.