Home > Practice Areas > Security Services > Identity Management

QSSI offers a broad depth of experience within the Identity Management space. We don’t just bring tools, we bring on-site technologists who are enterprise architecture experts that deliver unified legacy, client-server and web-based, metadirectory-enabled, Single Sign-On (SSO) systems. In addition, we consult regarding data provisioning, policy-based strong authentication (including smart cards and biometrics), identity management system components, federated identity management, and automated auditing and reporting. Our solutions enable high-volume role-based access control and user profile management for user accessed applications.

Enterprise Identity And Access Management

The Challenge – Enterprise Role Based Access Control for Electronic Identities

The Centers for Medicare & Medicaid Services (CMS) has undertaken the development of a large-scale Information Technology (IT) Modernization initiative to improve the quality and delivery of health care services to beneficiaries, providers, and business partners using a Common Enterprise Infrastructure (CEI).  A core element of the CEI is an enterprise-level security architecture that employs common security services.

In 2005 the Enterprise Identity and Access Management (EI&AM) framework was created to meet this goal. The CMS EI&AM framework provides a single identity and authentication for each user. This single account, coupled with an enterprise Role Based Access Control (RBAC) capability, eliminates the need for multiple user accounts and reduces costs for user licenses and the maintenance of multiple accounts.  Other enterprise security services, such as encryption, security, and performance monitoring, also reduce the application costs for each business owner.

QSSI’s Solution – A Highly Scalable COTS Product Implementation of an Identity & Access Management Framework

The EI&AM framework controls both the issuance of electronic identities and the access to CMS applications. In support of that framework CMS deployed the Individuals Authorized Access to the CMS Computer Services (IACS) System. The IACS system is a Sun Microsystems COTS product based platform responsible for issuance of electronic identities, user account management and authentication services. It allows CMS to minimize costs of redundant systems development where instead of developing, maintaining, and operating services specific to a single application, CMS is able to certify and accredit a single enterprise security service for all CMS applications.

The IACS system leverages Sun’s Java Enterprise System suite of products, which designed to manage user identities in an enterprise environment across heterogeneous hardware and software infrastructures. The three major components of the IACS system are the Sun’s Identity Manager, Sun’s Access Manager (AM), and Sun’s Directory Server. The Sun Identity Manager is a Java 2 Platform Enterprise Edition (J2EE) application, which runs in a JES environment and provides provisioning, workflow and password management. The IM is primarily responsible for identity management and account administration services. Sun’s Access manager is responsible for user authentication and management of secure access to various CMS Web applications. The Sun’s Directory Server is a main repository of user identities, demographics, and other business data.

Since January 2006 QSSI is responsible for Operations and Maintenance (O&M), enhancements and integration of various mission critical business applications and systems with IACS. O&M includes a variety of tasks including systems administration and production support, systems monitoring and problem correction, performance monitoring and tuning, and ongoing system modifications. QSSI provides COTS package maintenance, IACS customization maintenance, and support for infrastructure changes. Our team also supports IACS configuration and release management, and is responsible for accurate and current documentation and Level II/III Help Desk operations.

QSSI is the centralized point of contact for the CMS Data Center Contractor to submit the IACS functional and technical problems for resolution. We provide project management and planning, elicit, analyze and develop requirements, estimate additional hardware/software requirements, develop code, perform system and integrations testing, and implement critical IACS solutions.

During the last 3 years QSSI integrated with IACS and provided support for the following CMS applications and user communities:

• Medicare Advantage/Medicare Advantage and Prescription Drug Plans, Contractors, and Medicaid State Agencies
• Community-Based Organizations and Customer Service Representatives (CBO/CSR)
• Physicians, Non-Physician practitioners, Individual Practitioner, Institutional Providers and Suppliers (including HIPAA Eligibility Transaction System Users)
• Fiscal Intermediaries (FI), Carriers and Medicare Administrative Contractors (MAC)
• Durable Medical Equipment, Prosthetics, Orthotics and Supplies (DMEPOS)
• CMS Employees and Contractors

QSSI knows that today CMS is more integrated with its partners than ever before and that the information exchange happens more frequently than ever before. QSSI understands that the sensitivity of our customer’s data and improved ability to access that data create a substantial risk to CMS, its Partners, and Beneficiaries. The legislations like the Health Insurance Portability and Accountability Act (HIPAA), Federal standards published by the National Institute of Standards and Technology (NIST), and CMS’s policies have been established to control that risk. Our Team is supporting CMS by implementing and maintaining within the IACS system applicable security requirements, Federal Standards, and CMS policies.

Home | Practice Areas | Clients | Contract Vehicles | Corporate | Careers | News | Contact Us | Employees Only