GSA will lead e-authentication project

GSA will lead e-authentication project

The General Services Administration will oversee formation of a governmentwide public-key infrastructure through an electronic authentication project endorsed by the Office of Management and Budget.

John Sindelar, deputy associate administrator in GSA’s Office of Governmentwide Policy, said PKI is not mandatory, although it is the preferred security measure for e-government projects.

“We don’t have to create another centrifugal force,” Sindelar said. He said agencies should just use existing resources.

The FirstGov.gov portal, Sindelar said, will integrate its communication channels to become an official public gateway to a growing number of online federal services and will promote PKI services under GSA’s Access Certificates for Electronic Services program.

FirstGov will be able to collect information—in a customer relationship management or case management methodology—in a way that will prevent agencies from collecting duplicate information, Sindelar said.

Some initiatives will be fine without a PKI, he said. Others, such as tax filing or other sensitive transactions, probably will need it.

“What we see is a landscape of interconnectivity,” said Mark Forman, OMB associate director for IT and e-government. With government-to-government projects, for example, PKI would ease concerns about sharing information that’s behind a firewall, he said.

Forman told about 500 federal officials and commercial security experts at a symposium last month that PKI will be the enabler of OMB’s 23 endorsed e-gov projects. He also warned that agencies that don’t implement security measures in their e-gov initiatives’ business cases would not get funding.

Even though OMB has been working with the Federal PKI Steering Committee for five years, “I think 9/11 really galvanized things” for PKI security, said Judith Spencer, chairwoman of the CIO Council’s PKI Steering Committee.

Tim Polk, PKI program manager at the National Institute of Standards and Technology, referred to agencies’ well-known reluctance to trust third parties with their digital certificates [GCN, July 23, Page 7].

“No one wants to be the registration authority, and no one wants to house the certification authority,” Polk said.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.