Policy would secure users, transactions

E-Authentication Initiative

Related Links

The federal CIO Council this month approved a proposal to create a single policy that all agencies would use to authenticate electronic messages, documents and users themselves.

With the growth of e-government, "there is renewed interest from our upper-level management" in authentication, said Judy Spencer, chairwoman of the Federal Public-Key Infrastructure Steering Committee. "We have to develop this common policy framework that reaches across these different areas, and then below that, we need to give agencies the component pieces" to fit into their applications and infrastructure.

Authentication is the process of verifying the identity of a sender of an electronic message or transaction.

The new policy will include the work on the certificate policy established by the PKI Steering Committee, the draft authentication policy that the Smart Card Project Managers Group is developing and the authentication levels that the General Services Administration is working on in its e-Authentication e-government initiative, Spencer said.

The single policy should make it easier for agencies to incorporate e-authentication into their systems, said Alan Paller, director of research for the SANS Institute, a security education and research organization. "It's a good thing because one of the two extreme costs of certificates is the development of a common policy," he said. "Having [the Office of Management and Budget] and others creating one [policy] eliminates a lot of the upfront cost."

The single policy, said Marty Wagner, associate administrator for GSA's Office of Governmentwide Policy, "will save agencies time and effort in implementing e-government."

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.