GSA drafts e-Authentication policy

Draft e-Authentication policy

The General Services Administration today released a draft e-Authentication policy that outlines four levels of assurance against which agencies must align all federal transactions and services by Sept. 15, 2005.

The draft policy, which is part of the e-Authentication e-government initiative, is based on the information risk factor, what person or organization the information is regarding and the amount of harm it may cause if that information is compromised.

The draft policy outlines the four assurance levels — minimal, low, substantial and high — and provides examples of potential federal transactions at each level. A transaction needing only minimal authentication might be the registration to create a customized Web site through the Education Department's my.ed.gov portal. A substantial authentication transaction might be communication between a vendor and an agency contracting officer.

Agencies are already working to map the other e-government initiatives to the assurance levels, and that process must be completed by Oct. 1, 2003. Assessments on all federal systems classified as "major" under the Office of Management and Budget's investment guidelines should be completed by Sept. 15, 2004, and all existing transactions and systems must be categorized by Sept. 15, 2005.

Any new systems or transactions needing authentication should be categorized within 90 days of the final e-Authentication technical guidance issuance, which has an expected release date later this year.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.