NIST’s
National Cybersecurity Center of Excellence (NCCoE) has released a new draft
report, NIST Interagency or Internal Report (NISTIR) 8335, Identity as a
Service for Public Safety Organizations.

Identity
as a service (IDaaS) is when a company offers identity, credential, and access
management (ICAM) services to customers through a software-as-a-service (SaaS)
cloud-service model. Public safety organizations (PSOs) could potentially
reduce costs and adopt new standards and authenticators more easily by using
IDaaS to provide authentication services for their own applications. This would
allow PSOs to offload some or most of their authentication responsibilities to
the IDaaS provider.

This
report informs PSOs about IDaaS and how they can benefit from it. It also lists
questions that PSOs can ask IDaaS providers when evaluating their services to
ensure the PSOs’ authentication needs are met and the risk associated with
authentication is mitigated properly. PSOs considering IDaaS usage are
encouraged to use this NISTIR. This report was developed in joint partnership
between the NCCoE and the Public Safety Communications Research Division (PSCR)
at NIST.

The public comment period for this draft is open through August 2,
2021. See the publication
details for a copy of the draft and instructions for submitting
comments. You can also contact us at psfr-nccoe@nist.gov.