Report calls PKI key to a digital U.S. government

A fledgling technology built on public key infrastructure (PKI) will be key to the government's success in achieving the "digital government" envisioned by the Clinton administration, according to a report released today.

The report, called "Access With Trust," lays out a plan for agencies to begin building a PKI foundation to secure electronic transactions. It also describes a partnership between the government and the private sector to design and build a PKI to improve the public's access to government services and information, and to tighten the security of unclassified government information systems.

PKI, a framework of technology and policy regarding the use of digital signatures, will be a foundation to support trusted communication among federal government agencies and between agencies and the private sector, according to the report.

"We're looking at this document...as a means to an end," said Richard Guida, security champion for security of the Government Information Technology Services Board. "The end we're trying to achieve is...the appropriate use of digital signature technology by federal agencies for their internal transactions and their external transactions. PKI is never going to jell until you apply a stimulus to it. You've got to go out and use the technology and maybe take a few bruises in the process."

The report outlines several agency pilot projects testing PKI technology, including the Agriculture Department's use of PKI technology to secure electronic benefits transfer between the department and various states.

Guida said the report is designed to provide agencies guidance and some examples of other government uses. "We don't want to have...a situation where you have disparate uses of the technology...that creates stovepipes," Guida said. "[We are] bringing agencies together that are working on this so agencies can learn from each other."

According to the report, PKI will provide four security services: authentication, data integrity, nonrepudiation (verification that an electronic message has been sent) and confidentiality. It will be designed not with a "government-only approach" but as part of the evolving private-sector PKI being built using commercial products.

The report was published by the Federal Public Key Infrastructure Steering Committee, GITS and the Office of Management and Budget.

It is available online at gits.gov.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.