1 / 14

The E-Authentication Initiative: A Status Report

The E-Authentication Initiative. The E-Authentication Initiative: A Status Report. Presented at Educause Meeting June 16, 2004. What is the E-Authentication Initiative?.

xerxes
Download Presentation

The E-Authentication Initiative: A Status Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The E-Authentication Initiative The E-Authentication Initiative: A Status Report Presented at Educause MeetingJune 16, 2004

  2. What is the E-Authentication Initiative? • E-Authentication provides a blueprint for online identity validation that will enable the American public to access government services in a secure, trusted environment with credentials of their choosing E-Authentication Enables E-Government

  3. What are the Goals of the Initiative? • Build and enable mutual trust needed to support wide-spread use of electronic interactions between the public and Government • Minimize the burden on the public when obtaining trusted electronic services from the Government • Deliver common interoperable authentication solutions, appropriately matching the levels of risk and business needs The Result: Businesses & individuals will be empowered to conduct business with Government at all levels using e-identity credentials provided by trusted institutions

  4. The Concept of E-Authentication Step 1 Step 2 Step 3 Application User Agency Application Credential Service Provider Access Point • Step 2: • User is redirected to selected credential service provider • If user already possesses credential, user authenticates • If not, user acquires credential and then authenticates Step 1: At access point (portal, agency Web site or credential service provider) user selects agency application and credential provider Step 3: Credential service hands off authenticated user to the agency application selected at the access point

  5. E-Government Strategy: Improving Service for Citizens Government to Business Managing Partner GSA EPA Treas HHS SBA DOC Government to Citizen Managing Partner GSA Treas DoEd DOI DOL 1. Federal Asset Sales 2. Online Rulemaking Mgmt 3. Expanding Tax Products for Businesses 4. Consolidated Health Informatics 5. Business Gateway 6. International Trade Process Streamlining 1. USA Service 2. IRS Free File 3. E-Loans 4. Recreation One Stop 5. GovBenefits E-Authentication Internal Effectiveness & Efficiency Government to Government Managing Partner OPM OPM OPM OPM GSA GSA NARA OPM Managing Partner SSA HHS FEMA DOI FEMA 1. E-Training 2. Recruitment One Stop 3. Enterprise HR Integration 4. E-Clearance 5. E-Travel 6. Integrated Acquisition 7. E-Records Management 8. Payroll/HR 1. E-Vital 2. Grants.gov 3. Disaster Mgmt 4. Geospatial One Stop 5. SAFECOM

  6. Critical Elements of E-Authentication • Policy • Applications • Technology • Trusted Credential Service Providers • Program Management

  7. Policy • Overall program governance • Credential assurance levels (OMB & National Institute of Standards and Technology) • Certification of credential providers • Business model

  8. Applications • 6500 Government applications with business and public • Role of Gov’t Paperwork Elimination Act (GPEA) and the Office of Management and Budget (OMB) mandates • Risk assessments (Carnegie Mellon)

  9. Technology Requirements • Federated model • Standards-based • COTS-based • Flexible • Scalable • Extensible • Reliable • Manageable • Supportive of multiple protocols

  10. Trusted Credential Service Providers • Key tenet of E-Auth is re-use of existing, trusted 3rd party credentials • Allow US citizens, business and government employees to use electronic identity credentials they already have for E-Government purposes • Requires ability to map those 3rd party credentials to E-Authentication policy framework • E-Authentication-developed Credential Assessment Framework is primary tool for mapping – may be modified for use across different business lines

  11. Program Management • Managing relationships: • Agency Application Owners • CSPs • Maintaining tools: • E-RA • CAF • Trust List • Approved Technology Providers List • Interface Specs • Cookbooks • Implementation Guides • Developing & Implementing business model • Keeping the trains running

  12. E-Authentication Progress to Date • Applications Deployed: 1 • GSA’s eOffer, Level 3 (PKI), Hosted CAM • Credentials on Trust List: 12 • 9 PKI, 3 User ID/Password • Discussions underway with individual banks, as well as FSTC (Bank Industry group) • Approved Technology Providers: 5 • Products from Entegrity, HP, Oblix, RSA, Sun • Additional products undergoing testing in Interop Lab • Pilots Underway: 8 • Grants.gov, EPA, 2 GSA, NIH, NPS, Treasury, VA

  13. Near-Term Focus • Delivery of Authentication Service Component of the FEA • Steering Committee ratification of technical architecture • End user implementation manuals and tools • E-Grants Pilot • USDA, NSF, ORC, HHS • Financial Institutions Pilot • Financial Services Technical Consortium • Steering Committee Approved Pilots • 6 pilots lead by GSA, EPA, Treasury, NPS, VA, NIH

  14. For More Information Phone E-mail Brian Doherty 703-872-8606 brian.doherty@gsa.gov Communications Stephen Sill 703-872-8594 stephen.sill@gsa.gov Credential Manager Websites http://cio.gov/eauthentication http://www.eapartnership.org/ http://cio.gov/fpkipa

More Related