Task #134
Closed
simulation 8- AWS (NIS) ORE on boarding integration
100%
Description
To discuss integration of the NIS to the ORE from an API perspective. Nick had mentioned leveraging some of the onboarding provisioning services NIS has already developed in AWS to tie into ORE. This will enable the ORE to consume some of the services, such as provisioning user accounts for services, and pass the tokens from that NIS system to the ORE. In addition, it will minimize another creation of user account provisioning and onboarding for services (provider and consumer services).
Files
Updated by Doug Fraser over 2 years ago
- Project changed from 10 to Simulation Activities
- Subject changed from AWS (NIS) ORE on boarding integration to simulation 8- AWS (NIS) ORE on boarding integration
- Category deleted (simulation)
Updated by Lloyd Osafo over 2 years ago
Success Criteria for simulation
- Understand the Application Stack
- Identify services such as onboarding workflow that could be leveraged for user provisioning in NDP ORE and other NDP services
- Architect API design path to integrate API definition end points for potential API calls into NIS for leveraging on boarding services
- Identify design construct for token passing from NIS to ORE identity provider and secrets management
31 Oct-
Connected with NIS team. Identified path for integration and consuming NIS services to standardize onboarding process
- Identified integration point to leverage NIS services
- SAML assertion integration to PING brokering via ORE identity provider
- Then leveraging business process workflow built in SailPoint to consume SAARN process for user onboarding
Follow up action-
Danielle- to coordinate with Nick and leadership at the DON CIO for integration schedule
Curtis- Will provide technical documents and access to test environment for the ORE team to work configuration testing of the tokens to their AWS environment over 443. Once whitelisted, it will be reachable over the internet for ORE to test.
Updated by Lloyd Osafo over 2 years ago
- Start date changed from 10/26/2022 to 10/03/2022
Updated by Thanh Tong over 2 years ago
From: Thanh Tong <ttong@2twelvesolutions.com>
Date: Wed, Jan 4, 2023 at 3:12 PM
Subject: Re: NIS Integration with ORE
To: Obuchon, Danielle R CIV USN COMNAVWARSYSCOM (USA) <danielle.r.obuchon.civ@us.navy.mil>
Cc: Tom Eden <teden@2twelvesolutions.com>, LaRussa-Martin, Christina M CIV USN NIWC ATLANTIC SC (USA) <christina.m.larussamartin.civ@us.navy.mil>, Lloyd Osafo <lloyd@2twelvesolutions.com>, <germaine.w.forbes.civ@us.navy.mil>, Creswell, Nicholas J CIV USN COMNAVWARSYSCOM (USA) <nicholas.j.creswell.civ@us.navy.mil>, Hunley, Brandon S CIV USN NIWC ATLANTIC SC (USA) <brandon.s.hunley.civ@us.navy.mil>, Escobar, Steve M CIV USN PEO DIGITAL WASH DC (USA) <steve.m.escobar.civ@us.navy.mil>, Eric Kim 212 <ekim@2twelvesolutions.com>
Danielle,
Our NDP Gov't project leads have given us the go-ahead to proceed with the NIS integration.
If you would, please re-connect us with Curtis so that we may make preparations for onboarding the ORE application with the NIS SAML authentication service.
I've attached a PDF which provides an overview (from our perspective) of how we plan to leverage NIS for authentication capabilities for NDP ORE users. It also includes some backup slides that provide a general overview of NDP ORE itself for those unfamiliar.
Thanks very much and I hope everyone had an enjoyable and relaxing holiday break.
V/R, Thanh
Updated by Thanh Tong over 2 years ago
NIS TEM scheduled for 1/9/23 at 1130 EST by Christina LaRussa-Martin
Updated by Christina LaRussa-Martin about 2 years ago
Held meeting to introduce 2Twelve to NIS team. No other collaboration has occurred to date. NIS is funded by DoN CIO, who sets their priorities. Until that team is available, no proof of concept can be supported and this effort is not the next in line (per NIS lead). Therefore, I do not recommend this proof of concept for Task Order 1 as it cannot be accomplished by the completion date.
How can this be 60% complete?
Updated by Lloyd Osafo about 2 years ago
Please see attached PDF in thread above, Notional_ORE_NIS_Integration_v1-1.pdf, for technical design efforts and implementation details to the protocol levels executed by the 2 Twelve engineering team and developers. These are protocols implemented and solutions to ensure integration with the Government's COTS selected product "Ping" can provide proper authentication tokens for integration with the ORE identity provider. Remaining effort is the actual exchange of tokens with the Government's existing system, i.e. "Ping". 2 Twelve has a recommendation in the attachment for completing this simulation if Government cannot provide the actual system for integration, by leveraging its own PING service to demonstrate simulation to this API endpoint.
Tom/Thanh/Jacob- We should discuss this at our bi-weekly with the Government and go through some of these technical implementation designs we have put together if they have any questions.
Updated by Jacob Halle about 2 years ago
- Due date changed from 03/31/2023 to 08/02/2023
Updated by Jacob Halle almost 2 years ago
- Status changed from In Progress to Closed
- % Done changed from 60 to 100
2 Twelve has integrated ID services with the ORE to the government specifications required for NIS. Therefore, this task is complete.
To meet the requirement of this simulation, 2 Twelve developed PIV integration to meet the functions underpinning NIS. ORE can still consume and integrate with NIS once in production on a Navy-hosted environment if Navy decides to consume that existing service on their selected on-premise colocation, Azure Stack on-premise, Azure cloud, Amazon gov cloud, etc.