Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004.

Published bySarina Cumberledge Modified over 10 years ago

Similar presentations

Presentation on theme: "1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004."— Presentation transcript:

1 1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004

2 2 The E-Authentication Initiative  E-Authentication provides a blueprint for online identity validation that will enable the American public to access government services in a secure, trusted environment with credentials of their choosing Government Services Must Be Available Online E-Authentication Enables E-Government

3 3 The E-Authentication Initiative What are the Goals of the Initiative?  Build and enable mutual trust needed to support wide-spread use of electronic interactions between the public and Government  Minimize the burden on the public when obtaining trusted electronic services from the Government  Deliver common interoperable authentication solutions, appropriately matching the levels of risk and business needs The Result: Businesses & individuals will be empowered to conduct business with Government at all levels using e-identity credentials provided by trusted institutions

4 4 The E-Authentication Initiative The Concept of E-Authentication Credential Service Provider Agency Application Access Point Application User Step 3Step 2 Step 1 Step 1: At access point (portal, agency Web site or credential service provider) user selects agency application and credential provider Step 2: User is redirected to selected credential service provider If user already possesses credential, user authenticates If not, user acquires credential and then authenticates Step 3: Credential service hands off authenticated user to the agency application selected at the access point

5 5 The E-Authentication Initiative Critical Elements of E-Authentication POLICY Governance Certification Liability Business Model Dispute resolution APPLICATIONS 6500 G2B & G2C applications Gov’t Paperwork Elimination Act OMB mandates TECHNOLOGY Federated model Standards based COTS based Flexible, scalable Extensible CREDENTIAL SERVICE PROVIDERS Federal agencies Financial institutions Health care providers State governments

6 6 The E-Authentication Initiative The OnLine Marketplace  Business and Government moving in the same direction  Services online to Increase accessibility to customer Streamline processes Reduce costs Improve customer satisfaction Issue: How to Fulfill the Demand for Authentication Across the Federal Government Enterprise Shopping Online Transactions of Value to Consumers, Businesses and Government Broadening to

7 7 The E-Authentication Initiative Electronic Government is Evolving  Currently, in e-government transactions, the Federal government is the provider of the identity credential  As e-government evolves, the government intends to get out of the credential management business, and focus on the applications  Enabling industry to provide identity credentials: Eases the burden of doing business with consumers and business Takes government out of the credential issuance/management business Allows government to leverage authentication work done by others

8 8 The E-Authentication Initiative Why is E-Authentication Engaging Commercial Entities?  Because the Federal Government does not want to be in the credential management business, and certain commercial entities – like insurers and other financial institutions – are natural credential service providers (CSPs)  Look in your wallet – what 3 credentials are you most likely to find? A credit card/bank card A health insurance card A State Government-issued driver’s license or photo ID Consumer convenience and trust are key to selecting credential service providers

9 9 The E-Authentication Initiative CSP E-Authentication (Agency Apps) E-Authentication Federated Identity Model ConsumersBusinesses

10 10 The E-Authentication Initiative Governments Federal States/Local International Higher Education Universities Higher Education PKI Bridge Healthcare American Medical Association Patient Safetty Institute Travel Industry Airlines Hotels Car Rental Trusted Traveler Programs Who Can Be in the Trust Network? E-Commerce Industry ISPs Internet Accounts Credit Bureaus eBay Trust Network Financial Services Industry Home Banking Credit/Debit Cards Insurance Absent a National ID and unique National Identifier, the E-Authentication initiative will approve trusted credentials/providers at determined assurance levels.

11 11 The E-Authentication Initiative Business-Focused Applications Type of TransactionSample ApplicationPotential Users Registration Employer Identification Number22.9M small businesses Taxes 80 forms22.9M small businesses Licensing/Permits/ Accreditation Nat’l Park Service Research Permits 3500 researchers, 10,000 permits requested each year Compliance EPA Central Data Exchange15,000 industries and laboratories Grants/Loans/ Subsidies FHA Connection90,000 mortgage lenders – 1.4M loans approved in FY04 Gov’t Contracting E-Offer8,000 primary business contracts; 100,000 projected business users Business Support NASA Integrated Information50,000 contractors, industry participants (350M transaction per year) Int’l Trade Export.gov3 million businesses

12 12 The E-Authentication Initiative Citizen-Focused Applications Type of TransactionSample ApplicationPotential Users Taxes IRS: 87 forms118M returns in 2003 – 52M e-filed, 42M direct deposit Healthcare Health & Human Services’ Transplant Donor 35M potential donors Social Security Statement on Line47M citizens receiving benefits Assistance USA JobsOver 15,000 job postings Recreation Recreation One Stop5.7M campers in 2003 Loans Health & Human Services’ National Student Loan 35M student users Public Safety Dept. of Justice’s Victim Internet System 13M victims and their attorneys Benefits Veterans Affairs Medical and Education Benefits 70M veterans, family members or survivors

13 13 The E-Authentication Initiative Developing a Service  FSTC Working with 5 of the top 10 banks and investment institutions Jointly developing the business model for identity verification services  Shibboleth Analyzing the policy and technical gaps Credential Assessments scheduled with three universities Pilot opportunities with National Park Service  State Governments Aligning with the E-Authentication model Adopting the E-Authentication framework Serving as a credential service provider Becoming a relying party

14 14 The E-Authentication Initiative The Electronic Authentication Partnership State/Local Governments Industry Policy Authentication Assurance levels Credential Profiles Accreditation Business Rules Privacy Principles Technology Adopted schemes Common specs User Interfaces APIs Interoperable COTS products Authz support Federal Government Commercial Trust Assurance Services Policy, Technical, & Business Interoperability Common Business and Operating Rules IDP RP http://www.eapartnership.org/ Interoperability for:

15 15 The E-Authentication Initiative E-Authentication Validated by Independent Report  Burton Group, a respected IT research and advisory services firm, reports that E-Authentication: Aligns with industry best practices Provides flexible and pragmatic common approach to authentication Efforts should continue and expand, with fine tuning “The E-Authentication Initiative’s goals are achievable. The anticipated benefits are real and far-reaching, and extend to end-users, governmental organizations, and commercial businesses alike. The E- Authentication Initiative is well- defined, flexible, technically sound, and employs industry best practices.” Burton Group Report on the Federal E- Authentication Initiative, 8/30/04

16 16 The E-Authentication Initiative For More Information Phone E-mail Sharon Terango 703-872-8619 Sharon.Terango@gsa.govSharon.Terango@gsa.gov Credential Assessment Mgr. Websites http://cio.gov/eauthentication http://www.eapartnership.org/ http://cio.gov/fpkipa

17 17 The E-Authentication Initiative

18 18 The E-Authentication Initiative Progress to Date  Interoperable Products 9 Approved products currently include Entegrity, Entrust, Hewlett-Packard, IBM, Netegrity, Oblix, RSA, Sun and TrustgenixEntegrity Multiple other products are in test in the Initiative’s Interoperability Lab  Credential Service Providers 16 CSPs currently on the E-Authentication Federal Trust List 8 Level 3 CSPs and 3 Level 4 CSPs (PKI) 2 Level 2 CSPs and 3 Level 1 CSPs (Password) Upgraded OPM Employee Express to Level 2 - 1.2 million Federal Employees soon able to use on eTravel  Applications All E-GOV Presidential Initiatives have completed Risk Assessments Production with Integrated Acquisition Environment - eOffer and FedTEDS tools Completed pilot with Grants.gov and finalizing production plans Demonstrated progress on six additional agency pilots

Download ppt "1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004."

Similar presentations

Georgia Department of Community Health

Georgia Department of Community Health
JCAHO –A HIPAA Business Associate National HIPAA Summit

JCAHO –A HIPAA Business Associate National HIPAA Summit
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
1 U.S. General Services Administration E-Government Procurement: Standard Transactions and Interoperability David Temoshok Director, Federal Identity Management.

1 U.S. General Services Administration E-Government Procurement: Standard Transactions and Interoperability David Temoshok Director, Federal Identity Management.
1 The standardization challenge of E-Government After data... what? David Petraitis 5 June 2003 Workshop on challenges, perspectives and standardization.

1 The standardization challenge of E-Government After data... what? David Petraitis 5 June 2003 Workshop on challenges, perspectives and standardization.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
HIPAA AWARENESS TRAINING

HIPAA AWARENESS TRAINING
International partnership of law companies Customs & Corporate Lawyers, based on the principles of observance of high professional standards, mutual trust,

International partnership of law companies Customs & Corporate Lawyers, based on the principles of observance of high professional standards, mutual trust,
Single Sign-On and Federated Authentication at NIH and Beyond

Single Sign-On and Federated Authentication at NIH and Beyond
1. 2 August 2009 - Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
Agenda Exchange Context Exchange 101 Implications for Employers

Agenda Exchange Context Exchange 101 Implications for Employers
Internal Control–Integrated Framework

Internal Control–Integrated Framework
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,

1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study.

LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Public Key Infrastructure (PKI) Hosting Services.

Public Key Infrastructure (PKI) Hosting Services.
August 2004 Providing Industry-wide Security and Identity Management Solutions.

August 2004 Providing Industry-wide Security and Identity Management Solutions.

Similar presentations

Ads by Google