What is the DOI Acquisition of IT Cloud Services / Mandatory Use of Pre-Approved Contracts?
This policy issued September 27, 2016 states that all DOI Bureaus and offices are required to use the Departments current approved cloud contracts when procuring cloud services or receive a waiver. View the policy memo.
3) Mention which is the default protocol used in directory services?The default protocol used in directory services is LDAP ( Lightweight Directory Access Protocol).
| Enterprise Admin Group | Domain Admin Group |
|
|
7) Mention what system state data contains?System state data contains
What is a RPT (Relying Party Trust)?
Relying party trusts are trust objects typically created in:
A relying party trust object consists of a variety of identifiers, names, and rules that identify this partner or web-application to the local Federation Service.
Security Assertion Markup Language (SAML, pronounced sam-el[1]) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
The single most important requirement that SAML addresses is web browser single sign-on (SSO). Single sign-on is common at the intranet level (using cookies, for example) but extending it beyond the intranet has been problematic and has led to the proliferation of non-interoperable proprietary technologies.
Who should I provide as the Technical Point of Contact (POC) when submitting my request?
The Technical POC is the person that will be most capable of answering technical questions regarding the application. This may be the person submitting the form, or it may be someone else that is aware of the application/service requirements and can provide details to the ADFS development team as needed to complete request.
An ATO (Authorization to Operate) refers to the permission for a product to be used in an existing system. The ATO includes the following approved documents: PIA, SORN, Privacy Plan, and SSP for A&A.
10) Mention what is PDC emulator and how would one know whether PDC emulator is working or not?
What security concerns do I need to consider prior to establishing an RPT with DOI/OCIO via ADFS?
Please refer to the Compliance with NIST Standards and Guidelines. NIST develops and issues standards, guidelines, and other publications to assist federal agencies in implementing the Federal Information Security Management Act (FISMA) and in managing cost-effective programs to protect their information and information systems.