1 / 12

U.S. Federal e-Authentication Initiative

U.S. Federal e-Authentication Initiative. Peter Alterman, Ph.D. Senior Advisor to the Chair, US Federal PKI Steering Committee. TERENA 2003. U.S. e-Authentication Initiative Goals:.

Download Presentation

U.S. Federal e-Authentication Initiative

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

  1. U.S. Federal e-Authentication Initiative Peter Alterman, Ph.D. Senior Advisor to the Chair, US Federal PKI Steering Committee TERENA 2003

  2. U.S. e-Authentication InitiativeGoals: • Tobuild and enable mutualtrust needed to support wide spread use of electronic interactions between the public and Government, and across Governments • Tominimize the burden on the public when obtaining trusted electronic services from Government agencies • To deliver common interoperable authentication solutions, ensuring they are appropriate matches for the levels of risk and business needs of each e-Government initiative TERENA 2003

  3. The Challenge to Interoperability Authentication interoperability becomes much more complex as the number of credential providers and relying parties increases. TERENA 2003

  4. The Need for the Authentication Gateway Credential Providers Authentication Gateway Relying Parties • The Authentication Gateway simplifies interoperability: • Common way to determine and validate “Trusted” credentials • “Common Rules” for Agreements among Gateway, Agencies and Credential Providers. TERENA 2003

  5. Defining the Need Signature Required Identity Verification Required High Risk e-Gov Initiatives Low Risk Identity Verification Not Required Personal Information Change Request Benefits Application General Information Proprietary Information Privilege Management

  6. A Vision for the Future Business Agent Citizen Direct Access Capability Preserved State or Federal Government Academia Health Care Credential Providers Identity Verification Not Required Identity Verification Required Credential Validation Process eAuthentication Gateway Federal Agency Relying Parties TERENA 2003

  7. The U.S. e-Authentication Gateway • Is not: • An issuer of ID credentials • A collector of personal information • A repository of information • The Federal Bridge Certification Authority • e-Security • Is: • A provider of validation services for multiple forms of ID credentials • A source of risk/assurance levels for multiple forms of ID credentials • Available for all e-Gov initiatives TERENA 2003

  8. Status of U.S. e-Authentication Program • R&D has shown that the E-Auth industry is currently: • Enterprise-based rather than inter-enterprise • Centrally managed rather than distributed • Proprietary solutions rather than open • Priced for the enterprise rather than multi-enterprise • The RFI responses and other research has shown that the E-Auth industry is: • Adopting federated solutions • Evolving to distributed management • Utilizing open standards • Adapting pricing to multi-enterprise solutions • Agency E-Gov systems are becoming ready to utilize a common open, standards-based e-Auth infrastructure TERENA 2003

  9. U.S. e-AuthenticationMessage to Government: • Prototype Gateway is operational in a test environment as of 9/30/02 • It will undergo a delta certification and accreditation (C&A) for live transactions by 01/06/03 • Gateway will provide authentication and verification services to the 24 e-Gov initiatives • Gateway will provide authentication services across Government lines of business TERENA 2003

  10. U.S. e-Authentication and Higher Education: • E-Grants project will create standard XML objects to assemble various grant application “forms” • Universities will fill out forms locally and upload them to the e-Grants site • Extended NIH-EDUCAUSE PKI Interoperability Pilot Project will: • Use e-Grants XML forms • Incorporate the e-Authentication Gateway into the certificate validation path • Demonstrate alternate signing and authZ approaches TERENA 2003

  11. U N V E R S T Y HEBCA CA - Research Institution E-Authentication Gateway Digitally Signed Grant App. FBCA I B M Audit Log (NARA) Simplified Concept of Operations Validate certs Receipt and Authorization Server Agency Back End Processing TERENA 2003

  12. Contact Information • Dr. Peter Alterman, Assistant Chief Information Officer for Electronic Authentication, NIH • Peter.alterman@nih.gov • Deborah Blanchard, Project Manager, Digital Signature Trust / Identrus • dblanchard@trustdst.com TERENA 2003

More Related