Draft NIST IR 8335 1 Identity as a Service for 2 Public Safety Organizations 3 4 William Fisher 5 Christopher Brown 6 Mark Russell 7 Sudhi Umarji 8 Karen Scarfone 9 10 11 12 13 This publication is available free of charge from: 14 https://doi.org/10.6028/ NIST.IR.8335 -draft 15 16 17 18 Draft NISTIR 8335 19 Identity as a Service for 20 Public Safety Organizations 21 22 William Fisher 23 Applied Cybersecurity Division 24 Information Technology Laboratory 25 26 Christopher Brown 27 Mark Russell* 28 Sudhi Umarji 29 The MITRE Corporation 30 McLean, VA 31 32 Karen Scarfone 33 Scarfone Cybersecurity 34 Clifton, VA 35 36 * Former employee; all work for this 37 publication was done while at employer. 38 39 This publication is available free of charge from: 40 https://doi.org/10.6028/ NIST.IR.8335 -draft 41 42 June 2021 43 44 45 46 U.S. Department of Commerce 47 Gina Raimondo, Secretary 48 49 National Institute of Standards and Technology 50 James K. Olthoff, Performing the Non- Exclusive Functions and Duties of the Under Secretary of Commerce 51 for Standards and Technology & Director, National Institute of Standards and Technology 52 National Institute of Standards and Technology Interagency or Internal Report 8335 53 38 pages ( June 2021) 54 This publication is available free of charge from: 55 https://doi.org/10.6028/ NIST.IR.8335 -draft 56 Certain commercial entities, equipment, or materials may be identified in this document in order to describe an 57 experimental procedure or concept adequately. Such identification is not intended to imply recommendation or 58 endorsement by NIST, nor is it inte nded to imply that the entities, materials, or equipment are necessarily the best 59 available for the purpose. 60 There may be references in this publication to other publications currently under development by NIST in accordance 61 with its assigned statutory re sponsibilities. The information in this publication, including concepts and methodologies, 62 may be used by federal agencies even before the completion of such companion publications. Thus, until each 63 publication is completed, current requirements, guideline s, and procedures, where they exist, remain operative. For 64 planning and transition purposes, federal agencies may wish to closely follow the development of these new 65 publications by NIST. 66 Organizations are encouraged to review all draft publications during public comment periods and provide feedback to 67 NIST. Many NIST cybersecurity publications , ot her than the ones noted above, are available at 68 https://csrc.nist.gov/publications . 69 Public comment period: June 16, 2021 through August 2 , 2021 70 National Institute of Standards and Technology 71 Attn: Applied Cybersecurity Division, Information Technology Laboratory 72 100 Bureau Drive (Mail Stop 2000) Gaithersburg, MD 20899- 2000 73 Email: [email protected] 74 All comments are subject to release under the Freedom of Information Act (FOIA). 75 NISTIR 8335 (DRAFT) IDENTITY AS A SERVICE FOR PUBLIC SAFETY ORGANIZATIONS ii Reports on Computer Systems Technology 76 The Information Technology Laboratory (ITL) at the National Institute of Standards and 77 Technology (NIST) promotes the U.S. economy and public welfare by providing technical 78 leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test 79 methods, reference data, proof of concept implem entations, and technical analyses to advance 80 the development and productive use of information technology. ITL’s responsibilities include the 81 development of management, administrative, technical, and physical standards and guidelines for 82 the cost -effective security and privacy of other than national s ecurity -related information in 83 federal information systems. 84 Abstract 85 On-demand access to pu