E-authentication architecture due in December

E-Authentication site

Related Links

Look for draft architecture by mid-December to replace the original concept of a gateway to secure agencies' electronic transactions, the person overseeing the administration's E-Authentication initiative said this week.

Officials recently convened a technology advisory council to look at the state of the authentication industry, from passwords to public-key infrastructure. That council's new architecture working group will meet for the first time next week, said Steve Timchak, director of the E-Authentication initiative at the General Services Administration this week.

"We need to begin to look at an authentication architecture rather than a central gateway," Timchak said, speaking at the Federal Information Assurance Conference in College Park, Md.

A prototype gateway is already in use at the Social Security Administration, but officials found that they had to develop custom code for every agency application that needed to use the gateway — and that was just not feasible, Timchak said.

The General Accounting Office last week issued a report criticizing delays in the deployment of the gateway and the GSA-led team's plans for buying the solution. Following up on the report, Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee, issued a letter to GSA Administrator Stephen Perry outlining his concerns that E-Authentication delays could ripple through e-government work at all federal agencies.

Moving to the draft architecture should make it much easier for agencies to develop their own authentication measures for initiatives and services, Timchak said.

"I think this is an important step," he said. "It provides a standard application programming interface that agencies can map to — the E-Authentication Gateway did not afford us that opportunity...We think that we are at the point where there is sufficient interoperability in a number of products that we can run with it."

Officials with the E-Authentication program are working with the National Institute of Standards and Technology to develop an authentication interoperability lab that can test products and publish a list of those that will work together, Timchak said.

And commercial and government experts will form an Electronic Authentication Council to develop identity management rules for areas such as trust standards for credential issuers and third-party credentials. The council's first meeting will be Dec. 10, Timchak said.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.