E-Authentication waits for rest of the pack

Technically, e-Authentication is ready—and waiting.

The government has had a working prototype of the online certificate authentication gateway for several months.

Now the initiative’s leaders at the General Services Administration await the completion of the other 24 Quicksilver e-government initiatives and for the Office of Management and Budget to set security policies.

“The gateway has to come up with some assurance levels based on risks of e-gov initiatives,” said Steve Timchak, program executive for e-Authentication in GSA’s Office of Governmentwide Policy. OMB is supposed to develop those policies, he said.

As agencies work on their e-government projects this year, OGP is developing a written taxonomy that will establish a process by which credential providers such as smart-card developers, biometric systems providers and certificate authorities can link to the gateway.

The classifications will define the “levels of applications that require different levels of authentication,” G. Martin Wagner, associate administrator for the policy office.

E-Authentication is the linchpin of the Quicksilver initiatives, Wagner said. “It makes everything work and is absolutely critical,” he said.

Because the gateway is scheduled for launch this fall, it will run with or without a completed set of rules and policies, said David Temoshok, director for identity policy and management in the policy office.

The GSA team plans to link about a dozen e-government applications to the gateway this year.

OMB is guiding agencies on the level of authentication for their e-government initiatives. Some will choose to secure their transactions with digital certificates within a public-key infrastructure.

Agencies will have to analyze the costs, risks and potential benefits of the authentication level they are considering, Temoshok said. Surfing the Internet requires few security measures; getting government-issued identification could require something stronger, such as a digital certificate.

OMB will create the common policies, protocols and rules for all initiatives that connect to the gateway.

For agencies securing transactions with digital certificates, the Federal Bridge Certification Authority will link PKI trusted domains.

“The gateway will interface with the bridge and validate PKI credentials,” Timchak said.

A visitor goes through firstgov.gov or to an application via an agency’s URL, presents some form of credential to use an agency initiative, and that information would pass back to the gateway for validation, he said.

Cross that bridge

Digital certificates would go through the Federal Bridge to a certification authority for validation.

Now, the prototype manages access to the National Finance Center’s time-and-attendance and payroll reporting systems. Mitretek Systems Inc., a nonprofit research organization in Falls Church, Va., is hosting the prototype for the Agriculture Department organization’s system, which handles payroll services for many government agencies.

But the gateway isn’t yet ready to handle full-scale traffic from e-government initiatives.
It’s up to the managers of the other Quicksilver projects to catch up and use the gateway, Temoshok said.

“We’re looking for applications to link to the gateway,” he said. “We have not done scalability” testing.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected