Cryptographic Authentication U.S. Federal agencies often require the use of Public Key Infrastructure (PKI) authentication based on smart cards, generally Common Access Card (CAC) or Personal Identity Verification (PIV) cards, to access certificate-enabled applications. This requires a user to physically insert a smart card into a card reader and enter a pin to complete a cryptographic challenge/response. Traditional multi-factor authentication introduces roadblocks to technologies like RPA. The Office of Management and Budget Memo M-19-17 outlines a policy that requires management of digital identities of devices, non-person entities and automated technologies such as RPA. RPA bots are now required to have individual digital identities and credentials that are managed in the same fashion as user identities. Essentially, bots need the ability to perform a "smart card login" for authentication to operate in production systems. Although unattended RPA bots cannot be issued a traditional smart card, they can utilize smart card login capabilities through the use of a centralized, hardware security module-based authentication system.
This session will discuss how Federal agencies can securely utilize RPA to increase efficiency and enhance the experience across back-office and front-office operations:
• Benefits of RPA
• RPA cryptographic authentication
• DoD Implementation Use Case
Speaker: Jim Walker, Federal CTO, UiPath & John Lockwood, Director, Federal Intelligent Automation, KPMG
0 Comments