Challenge:
The Department of Justice (DOJ) is composed of a number of Components, which operate their own IT solutions and network directories that meet the needs of their mission, technical environment, information sensitivity and existing business processes. These disparate IT solutions maintain identity information about employees and contractors. DOJ requires accurate, up-to-date information about these employees and contractors in order to make access decisions. DOJ adopted a strategy based on a virtual directory service, which would provide a single, consistent view of the network directories operated by the various DOJ components. An initial effort to deploy a virtual directory service began in 2008; however problems including instability of the software vendor and limitations in its flexibility (for interfacing with various data sources) resulted in a subsequent effort to replace it.
Solution:
The Department of Justice (DOJ) turned to trusted partner eMentum to provide insightful guidance and assistance in overcoming DOJ’s IT barriers. eMentum performed an important support role for the replacement Radiant Logic VDS. This included developing the DOJ Identity, Credential, and Access Management (DICAM) system, which relies on VDS to authenticate its users. eMentum’s DICAM application was the first “client” of the original VDS service, and was used extensively to test the new Radiant Logic VDS.
eMentum deployed a demonstration version of the Radiant Logic VDS in 2013, and received training directly from Radiant Logic. Most recently, eMentum has been working with DOJ to expand the scope of the Radiant Logic VDS beyond network directories, and into other sources of employee and contractor information. One of the primary alternate sources is eMentum’s DICAM system.
Business Impact:
eMentum conducted extensive testing of the new Radiant Logic VDS software operating in parallel with the original VDS, until in late 2013 when the new VDS was declared operational. In March 2014, the interface with the directory of the last DOJ component was implemented, so that VDS fully encompassed all DOJ employees and contractors. The Radiant Logic VDS implementation at DOJ provides a central source for employee and contractor data. The VDS is being expanded to included sources of data beyond the network directories, such as human resource systems and credentialing systems (via DICAM). Applications within DOJ through the DOJ Trust Federation Service obtain the information necessary for making an access control decision. Thanks to eMentum’s strategic guidance, and role as architect of an intelligent solution, DOJ leaders are empowered to make smarter access decisions and maintain a more secure and resilient enterprise.
Quick Facts:
- DOJ needed a central directory service, which would provide a single, consistent view of the user identity directories operated by the various DOJ components
- eMentum served as a trusted partner in overcoming DOJ’s IT barriers
- eMentum developed the DOJ Identity, Credential, and Access Management (DICAM) system to provide USAccess reporting services to DOJ
- eMentum provided operational support services for VDS
- eMentum has partnered with DOJ to expand the scope of the Radiant Logic VDS beyond network directories
- The DOJ Trust Federation Service (developed by eMentum) provides a single sign-on experience for Component users accessing trusted web applications, and VDS is an identity repository for this service