Input sought on security gateway

E-Authentication initiative

The government team leading the development of a security gateway designed to authenticate users accessing e-government services asked industry last week for possible solutions to make the initiative a reality.

The "technical exchange day" held June 7 at Mitretek Systems Inc., the nonprofit organization assisting the General Services Administration-led team on the E-Authentication project, was the first chance for government to outline its plans to a large industry gathering.

The lack of a defined technology architecture surprised many of the vendors attending the briefing, but Tice DeYoung, the e-authentication project's technical lead and a research scientist at NASA, said the government did not want to restrict itself to any specific architecture or particular products.

The basic concept outlined at the briefing reiterated that the gateway will validate any type of credential — such as a password or digital certificate — issued to access any government application that wishes to participate.

The agency program offices will be responsible for determining what level of credential is necessary for each of the applications connected to the gateway, while the gateway will likely serve as a central point to validate credentials issued by multiple organizations, DeYoung said.

The gateway prototype is expected to be operational in September, working with two to four of the other e-government initiatives overseen by the Office of Management and Budget as part of the Bush administration's E-Government Strategy.

This week, GSA will be providing the other e-government initiative leaders with an online tool to start evaluating their authentication needs, and soon they will be using a modified version of the Operationally Critical Threat, Asset and Vulnerability Evaluation tool developed by the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, Pa., said Steve Timchak, program manager for the e-authentication initiative.

This evaluation will be the basis for any future decisions about what functions the gateway needs to perform, he said.

The team will conduct a discussion of the policy considerations for the gateway at its industry day conference at the Commerce Department scheduled for June 18 and to be led by Mark Forman, the associate director for information technology and e-government at OMB.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected