E-Authentication Federation: The enabler of Electronic Government! Presented to AIPC by Stephen A. Timchak, June 12, 2005. The E-Authentication Federation.

Presentation transcript:


2 The Goal of E-Government
Empower and enable citizens and businesses to manage their relationships with government on their terms in a secure online environment
E-Authentication is a key component of the President’s Management Agenda
The Role of the E-Authentication Program
Develop and implement an enterprise-wide E-Authentication strategy and solution that enables E-Government

3 President’s E-Gov Agenda
Government to Citizen
1. USA Service (Lead: GSA)
2. EZ Tax Filing (Lead: Treasury)
3. Online Access for Loans (Lead: DoED)
4. Recreation One Stop (Lead: DOI)
5. Eligibility Assistance Online (Lead: Labor)
Government to Business
1. Federal Asset Sales (Lead: GSA)
2. Online Rulemaking Management (Lead: EPA)
3. Simplified and Unified Tax and Wage Reporting (Lead: Treasury)
4. Consolidated Health Informatics (business case) (Lead: HHS)
5. Business Gateway (Lead: SBA)
6. Int’l Trade Process Streamlining (Lead: DOC)
Government to Govt.
1. e-Vital (business case) (Lead: SSA)
2. Grants.gov (Lead: HHS)
3. Disaster Assistance and Crisis Response (Lead: FEMA)
4. Geospatial Information One Stop (Lead: DOI)
5. Wireless Networks (Lead: FEMA)
Internal Effectiveness and Efficiency
1. e-Training
2. Recruitment One Stop
3. Enterprise HR Integration
4. e-Travel
5. e-Clearance
6. e-Payroll
7. Integrated Acquisition
8. e-Records Management
Lead: OPM, GSA, OPM, GSA, NARA
Cross-cutting Infrastructure: E-Authentication (GSA)

4 The E-Authentication Initiative Strategy
- Build the E-Authentication Federation
  - Government agencies rely on electronic identity credentials – such as PINs/user IDs/passwords/PKI certificates – issued and managed by other organizations within and outside the federal government
- How do we do it?
  - Develop a federated identity authentication framework
  - Supporting secure online transactions
  - Reliant on existing trust relationships
  - COTS and standards-based with interoperable products, supporting multiple protocols

5 Why Adopt a Federated Approach?
- Migration of applications to the web has precipitated increasing need for secure authentication
- Identity management now perceived as one of the major enterprise IT challenges
- Industry best practices moving toward enterprise identity management solution (portal) and federated identity
- Use of Federated Identity is Growing
  - According to Burton Group, more than 300 businesses deploying SAML-based federations this year

6 An Example of Federation
[Diagram; surviving label: Maintenance Website]

7 Building the E-Authentication Federation
[Diagram labels: Business & Operating Rules; Operational Infrastructure; Agency Applications / Identity Credential Issuers; Policy; Technical Standards. Status labels: Complete FY 2004 Complete Scheduled for Federation membership Q4 FY ’05 and beyond]

8 Approved E-Authentication Technology Providers
Novell

9 E-Authentication Federation
- The Federal Government agency application owners that have agreed to abide by a set of technical, policy, and business interoperability standards and agreements that serve to make identity portable across multiple domains
- The private and public sector trusted Credential Service Providers that agree to abide by a set of technical, policy, and business interoperability standards and agreements that serve to make identity portable across multiple domains
- Federation Management (E-Authentication PMO) that manages the technical, policy, and business rules that serve to make identity portable across domains

10 Key Policy Considerations
- For Governmentwide deployment:
  - No National ID
  - No National unique identifier
  - No central registry of personal information, attributes, or authorization privileges
  - Different authentication assurance levels are needed for different types of transactions
  - Authentication – not authorization
- For E-Authentication technical approach:
  - No single proprietary solution
  - Deploy multiple COTS products – user’s choice
  - Products must interoperate together
  - Controls must protect privacy of personal information

11 The Policy Foundation Is In Place
- Policy infrastructure enables real business and trust – because it can be universally leveraged and accepted
- Policy framework key to E-Authentication Federation context and cohesiveness
- Policy framework necessary for:
  - Technical architecture and interoperability
  - Evaluation of identity credential issuers
  - Determination of assurance level requirements
  - Ease of contracting
  - Efficient, reusable business processes
- Key policy/guidance documents & tools:
  - OMB M
  - E-Authentication Risk and Requirements Assessment (E-RA)
  - NIST SP
  - Credential Assessment Framework (CAF)
Matching the right level of authentication to business risk

12 The Technical/Architectural Framework Is In Place
- Based on industry best practices
  - Open standards-based, federated identity management
  - Supported by interoperable products, providing choice and market-driven pricing
- Supports the coexistence of multiple federated identity schemes
- Provides for the management of transitive trust
- Accommodates both low and high level credentials using SAML and PKI
- Supports the introduction of other authentication techniques over time
Interoperability among trusted identity credential issuers

13 Federation Operations
[Diagram labels: First Gov Portal, First Gov EAuth Apps, ICI Web Site, Agency Application Web Site, Starting Point, EAuth Validation Service, EAuth Portal, EAuth Step-down Translator, EAuth Protocol Translator]

14 Standing Up Federation Operations
- Implementing a world-class operations capability, available 24x7x365
  - Federation Contact Center (Help Desk)
  - Operations and maintenance of the portal, step-down translator(s), validation service and scheme translators
  - Client and production services
Agency customers agreed that a well run operations capability was critical to the Federation’s success

15 Governance: E-Authentication Oversight
Moving From Initiative to Federation
- Executive Steering Committee
  - 24 Cabinet Level Federal agency CIOs
  - Venture capitalist perspective
- Proposed Uber Structure
  - Federation Board of Directors
  - User Groups
  - Vendor Council
[Diagram labels: E-Authentication Initiative; E-Authentication Federation]

16 Federation Membership Requirements For Identity Credential Issuers and Relying Parties (Agencies)
Business & Operating Rules
- Technology standards integrated with common business rules
- Developing business agreements that govern membership in the E-Authentication Federation
How we bind the trust that drives interoperability

17 Identity Credential Issuers
- The Federal Government does not want to be in the credential management business
- Various commercial entities – insurers and other financial institutions – are natural trusted credential service issuers (CSIs)
- WHO PROVIDES AUTHENTICATION TODAY? Look in your wallet – what credentials are you most likely to find?
  - A bank card
  - A health insurance card
  - School ID
  - A State Government-issued driver’s license or photo ID
Citizen/business convenience and trust are key to selecting identity credential issuers

18 Targeting Financial Institutions First
- Authentication lies at the core of existing financial services products
  - Know-your-customer (KYC) required by law
- Financial institutions own 3 powerful assets:
  - Trust
  - 90+% of the US population has banking relationship & 53M have bank-issued credentials (Pew)
  - Strongly authenticated identities
- Law requires more than KYC – it requires that customers’ identities be protected

19 Financial Institutions as Authenticators
[Chart courtesy of Glenbrook Partners: each authenticator rated Strong, Mixed or Weak per attribute]
Column groups: Consumer; The Relationship; The Authenticator
Attributes: Broad customer base; Long term relationship; Frequent use of credential; Trusted entity?; Strong registration process?
Current Authenticators – with large bases of authenticated customer relationships:
- Financial Institutions
- ISPs and Telcos
- Employers
- Schools
- Merchants & Service Providers
Future Authenticators – could have large bases of authenticated customer relationships:
- Governments
- Private ID Providers
Trusted Identity: Hidden Value From Customer Appreciation

20 The Credential Assessment Framework
- Potential ICIs must participate in a credential assessment using the methodology defined in the Credential Assessment Framework
  - On site inspection
  - Credentialing procedures
  - Network and systems security
  - Overall risk management profile
- Upon successful assessment, ICIs can be added to E-Authentication’s Trusted Identity Credential Issuer List and to the E-Auth architecture (enabling acceptance of the credential by the Portal)

21 Agencies Are Committed
Moving E-Gov’t Services Online For Business
Type of Transaction | Sample Application | Potential Users
Licensing/Permits/Accreditation | Nat’l Park Service Research Permits | 3500 researchers, 10,000 permits requested each year
Compliance | EPA Central Data Exchange | 15,000 businesses and laboratories
Grants/Loans/Subsidies | FHA Connection | 90,000 mortgage lenders – 1.4M loans approved in FY04
Gov’t Contracting | E-Offer | 8,000 primary business contracts; 100,000 projected business users
Business Support | NASA Integrated Information | 50,000 contractors, industry participants (350M transaction per year)
Int’l Trade | Export.gov | 3 million businesses

22 Agencies Are Committed
Moving E-Gov’t Services Online For Citizens
Type of Transaction | Sample Application | Potential Users
Social Security | Direct Deposit Annual Benefit Statement | 47M citizens receiving benefits
Assistance | USA Jobs | Over 15,000 job postings
Recreation | Recreation One Stop | 5.7M campers in 2003
Loans | Dept. of Education’s National Student Loan | 35M student users
Public Safety | Dept. of Justice’s Victim Internet System | 13M victims and their attorneys
Benefits | 1010-Eligibility for Benefits | 70M veterans

23 Federation Acquisition Marketplace
- Providing a “one-stop shop” for E-Authentication Federation products and services
- Creating an “E-Authentication Federation Suite of Contracts” on Federal Supply Service (FSS) IT Schedule 70
  - Available to states as well as Federal agencies
- Will include:
  - Technology products
  - Architectural components
  - Credential services
  - Accredited providers of Smartcard/HSPD-12/FICC-mandated credentials and tokens

24 E-Authentication Validated by Independent Report
Burton Group, a respected IT research and advisory services firm, reports that E-Authentication:
- Aligns with industry best practices
- Provides flexible and pragmatic common approach to authentication
- Efforts should continue and expand, with fine tuning
“The E-Authentication Initiative’s goals are achievable. The anticipated benefits are real and far-reaching, and extend to end-users, governmental organizations, and commercial businesses alike. The E-Authentication Initiative is well-defined, flexible, technically sound, and employs industry best practices.”
Burton Group Report on the Federal E-Authentication Initiative, 8/30/04

25 Lessons Learned
IT’S HARD!

26 SUCCESS IS IN SIGHT!

27 For More Information
Stephen A. Timchak
Project Executive, E-Authentication Federation
U.S. General Services Administration
2011 Crystal Drive, Suite 911
Crystal Park One
Arlington, Virginia
Phone
Office:
Website