cdc system portfolio new imperatives · 03/02/2011 · – portfolio composition • new...
TRANSCRIPT
![Page 1: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/1.jpg)
State of CDC’s Systems Portfolio State of CDC’s Systems Portfolio State of CDC’s Systems Portfolio State of CDC’s Systems Portfolio and New Imperativesand New Imperatives
Jim Seligman
Chief Information Officer
![Page 2: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/2.jpg)
CDC Information Systems
• Historical & Current Systems Profile
– Investment Trends
– Portfolio Composition– Portfolio Composition
• New Imperatives and Influences
– HSPD-12 Smart Card enablement
– Portfolio Review & OMB Tech Stat
– Shared Software and Data Services
![Page 3: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/3.jpg)
$0
$50
$100
$150
$200
$ M
illio
ns
CDC IT Expenditures
IT Intramural IT ExtramuralIT Intramural IT Extramural
![Page 4: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/4.jpg)
CDC FY 2012 IT Investment Composition
Investment Level Total Value Average Cost
Major (6) $137.6M $22.9M
Tactical (12) $64.9 M $5.4MTactical (12) $64.9 M $5.4M
Supporting (109) $101.7M $0.9M
Extramural (7) $161.2M $23.0M
Total FY 2012 (134) $465.4M $3.5M
![Page 5: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/5.jpg)
CDC FY 2012 Investment Jurisdiction
$250
$300
$350
Intramural
$304 MExtramural
$161M
$0
$50
$100
$150
$200
66%
34%
![Page 6: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/6.jpg)
Number of Systems Trending
500
600
700
140
160
180
200
Portfolio Size
New or Retired Systems
Systems Portfolio
0
100
200
300
400
0
20
40
60
80
100
120
FY 2005 FY 2006 FY 2007 FY 2008 FY 2009 FY 2010
Portfolio Size
New or Retired Systems
Fiscal Year
New Systems Retired Systems Portfolio
6
![Page 7: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/7.jpg)
IT Systems by Organization
Center/Office # Systems
FY 2012
Planned
Budget ($M)
Cost per System
($M)
CGH 7 $0.8 $0.1
NIOSH 8 $0.9 $0.1
OD 153 $45.4 $0.3 OD 153 $45.4 $0.3
OID 174 $71.1 $0.4
ONDIEH 135 $23.3 $0.2
OPHPR 26 $13.0 $0.5
OSELS 55 $65.9 $1.2
OSTLTS 2 $0.1 $0.1
Total 560 $220.5 $0.4 Inclusion/Exclusion Criteria
Include intramural spending only
Exclude IT infrastructure
Exclude "Not Updated," "Planning," or "Planned Retirement" systems
![Page 8: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/8.jpg)
CDC Systems by Mission Criticality
191 Low Criticality
8
132
299
High Criticality Systems
Medium Criticality
![Page 9: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/9.jpg)
FY 2012 Systems by Lifecycle Phase
$218
47%$247
47%$247
53%Development &
Modernization
Operations &
Maintenance
$ in Millions
![Page 10: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/10.jpg)
Federal IT Dashboard - HHS
![Page 11: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/11.jpg)
Federal IT Dashboard - CDC
![Page 12: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/12.jpg)
New ImperativesNew Imperatives
![Page 13: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/13.jpg)
Identity & Access Management Program
• OMB Requirements and Deadlines
• CDC Milestones
Application Assessment• Application Assessment
• Application Smart Card Enablement
Draft - For Discussion Purposes Only 13
![Page 14: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/14.jpg)
OMB Requirements and Deadlines
OMB Feb 3, 2011 Directive
• Fund HSPD-12 credential issuance using existing resources
• FY 10 - all new systems must be enabled to accept HSPD-12 credentials for authenticating Federal employees and contractorsauthenticating Federal employees and contractors
• FY 11 - agencies must use system technology refreshment funding (DME or O&M) to upgrade existing systems to use HSPD-12 credentials
– CDC policy to be issued in March 2011
• FY 12 - agencies shall not spend DME or O&M technology refreshment funding on systems unless they use HSPD-12 credentials to authenticate Federal employees and contractors
14
![Page 15: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/15.jpg)
FY 11 Timeline for Logical Access Controls
Documentation
Complete ITSO
Middleware /
Card Reader Pilot
and
Documentation
Smart Card
access via CITGO
available
WS-3
Develop IWA PKI
Enablement
Application
Guides (.NET,
JAVA)
WS-5
Complete Testing
Smart Card
Access for
Webmail
Test and
Standardize
Blackberry and
Bluetooth
Equipment
WS-4
WS-3
Smart Card
Maintenance
WS-15
WS-3
E-Auth Go Live
Phase 2 (Level 2
WS-14
Start SDN
Migration
WS-14
E-Auth Go Live
Phase 1 (Level 1)
WS-14
Start PKI
Enablement Pilot
WS-5
Logical Access Plan Milestone
Establish Unified
Helpdesk Plan
OCT 2010 – DEC 2010
Q1
JAN 2011 – MAR 2011
Q2
JUL 2011 – SEP 2011
Q4
APR 2011 – JUN 2011
Q3
Distribute
Desktop Readers
& Middleware to
GOE Users
WS-3WS-15
Maintenance
Deployment Plan
Phase 2 (Level 2
& 3)
Start PKI
Enablement Pilot
2
WS-5
15
Enablement Pilot
1
![Page 16: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/16.jpg)
Application Assessment Survey
• CDC Application Assessment for Smart
Card Enablement Survey
• Total Number of Responses: 424 (~75%
responded)
Draft - For Discussion Purposes Only 16
![Page 17: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/17.jpg)
Application Assessment Survey
26
Integrated Windows Authentication
Draft - For Discussion Purposes Only 17
218180
Yes
No
Unsure
![Page 18: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/18.jpg)
Application Assessment Survey
25 41
Application Type
Standard Commercial
Package
Draft - For Discussion Purposes Only 18
25 41
356
Package
Highly Customized
Commercial Package
Custom Developed
Application
![Page 19: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/19.jpg)
Application Assessment Survey
15
6
6 3
Application Language
Draft - For Discussion Purposes Only 19
126
13
15.Net
Java
Access/SQL
SAS
PowerBuilder
Foxpro
![Page 20: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/20.jpg)
Application Assessment Survey
80
100
120
140
102
7569
128
Total User Population
Draft - For Discussion Purposes Only 20
0
20
40
60
80
1 to 10 10 to 100 100 to
1000
1000 to
5000
Greater
than 5000
7569
24
![Page 21: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/21.jpg)
HSPD-12 Logical Access Approach
• HHS Enterprise Applications (e.g. CapHR, EWITS, LMS)– Plan to use Sun Identity and Access Manager-based solution
• CDC Capabilities currently using Integrated Windows Authentication (IWA)
– Built-in, requires no additional investment
– Leverages existing investment and infrastructure
– Ties in with CDC Active Directory that is already PKI enabled for Smart Card authentication
• Authentication upgrades will require focused investment over time
– Microsoft .NET applications can easily upgrade to Integrated Windows Authentication
– JAVA/J2EE provides available, mature, bolt-on modules
– Develop a set of generic authentication modules shared across systems
Draft - For Discussion Purposes Only 21
![Page 22: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/22.jpg)
PKI-Enabling Technology CategoriesCategory A – IWA-type applications or with built-in PKI support
Category B – Applications that will use Sun Identity Suite
Category C – Applications that will use PKI-enablement libraries
Category D – Applications/Systems where access is limited by “PKI-enabled Vault” i.e. need a credential to login to the server
Category E – Applications where the vendor provides upgrades to PKI-enable
Category F – Applications that will be replaced (Not PKI-enabled in favor of new application)
Category G – Applications that will not be upgraded (requires justification)
Draft - For Discussion Purposes Only 22
![Page 23: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/23.jpg)
Logical Access Next Steps
• Integrated Windows Authentication Guides developed for .Net and Java applications, posted on IRGC SharePoint site
• HSPD-12 PMO meeting with major CDC application groups
• Develop additional guidance documents to leverage • Develop additional guidance documents to leverage Integrated Windows Authentication
• Develop tests to verify HSPD-12 compliance
• Establish user groups to identify impacts and requirements
• Conduct pilots and develop prototypes
Draft - For Discussion Purposes Only 23
![Page 24: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/24.jpg)
CDC Systems Review• Number of systems?
• Spending on systems?
• Redundancy/duplication?
• System development success: on-time, on-scope, on-budget?
• System performance success measures– meeting original intent– achieving performance measures– scale of usage and content– customer satisfaction
![Page 25: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/25.jpg)
Shared Software and Data Services
• Developing a registry of shared software and data services
– Service name
– Service description
– Contact
– Lifecycle stage
– Information location (URL)
– Authentication required
– Standards supported
• Compliment to Enterprise Systems Catalog & EA Reference Guide
• Resource for developers - shared code, objects, APIs, data resources
![Page 26: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/26.jpg)
Some Candidate Shared Services at CDC
• WONDER – 11 Databases of Population, Vital Statistics, and Morbidity
– XML-based API
• Security Services (SDN and IAM.Net Services)• Security Services (SDN and IAM.Net Services)– Identification, Access, and Credentialing Services
• PHIN Services– PHIN-MS (Messaging), PHINDIR (Directory), PHIN-VADS
(Vocabulary)
• GIS Mapping/Geospatial Services
• People Repository (other HR Services)
![Page 27: CDC System Portfolio New Imperatives · 03/02/2011 · – Portfolio Composition • New Imperatives and Influences – HSPD-12 Smart Card enablement – Portfolio Review & OMB Tech](https://reader034.vdocuments.us/reader034/viewer/2022050404/5f8137ffafba45543b20723d/html5/thumbnails/27.jpg)
Questions?Questions?