Enterprise Identity Attribute Service (EIAS)

Overview

The Defense Manpower Data Center (DMDC) has developed the Enterprise Identity Attribute Service (EIAS) to distribute DoD person, persona and personnel attributes for access control using a secure, standards-based Security Assertion Markup Language (SAML) interface. Using a connection approval process, the DoD Electronic Data Interchange Person Identifier (EDI-PI), and PKI, EIAS securely provides an individual’s identity and attributes for the purpose of enabling Attribute Based Access Control (ABAC) to customers who have a business justification and a need-to-know. EIAS leverages real-time Web service technologies to distribute a common set of data attributes utilizing signed SAML 2.0 assertions in all EIAS requests and responses.

EIAS is available on SIPRNet and NIPRNet.

Why Should I Use It?

EIAS provides applications with accountable user attribute data for ABAC access decisions. Using EIAS thus reduces the overhead of locally deploying and maintaining attribute solutions, and reduces the risk of having attribute data that compromises access policy.

How Can I Use It?

Creating an interface to EIAS requires a connection approval process and a customer-specific client-side SAML interface that must be coordinated with the DMDC Identity Web Services implementation team, who may be contacted at dodhra.dodc-mb.dmdc.list.identity-web-services-team@mail.mil

Documentation

All EIAS reference materials are available on the Program Documentation page.
