E-authentication architecture due in December

E-Authentication site

Related Links

Look for draft architecture by mid-December to replace the original concept of a gateway to secure agencies' electronic transactions, the person overseeing the administration's E-Authentication initiative said this week.

Officials recently convened a technology advisory council to look at the state of the authentication industry, from passwords to public-key infrastructure. That council's new architecture working group will meet for the first time next week, said Steve Timchak, director of the E-Authentication initiative at the General Services Administration this week.

"We need to begin to look at an authentication architecture rather than a central gateway," Timchak said, speaking at the Federal Information Assurance Conference in College Park, Md.

A prototype gateway is already in use at the Social Security Administration, but officials found that they had to develop custom code for every agency application that needed to use the gateway — and that was just not feasible, Timchak said.

The General Accounting Office last week issued a report criticizing delays in the deployment of the gateway and the GSA-led team's plans for buying the solution. Following up on the report, Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee, issued a letter to GSA Administrator Stephen Perry outlining his concerns that E-Authentication delays could ripple through e-government work at all federal agencies.

Moving to the draft architecture should make it much easier for agencies to develop their own authentication measures for initiatives and services, Timchak said.

"I think this is an important step," he said. "It provides a standard application programming interface that agencies can map to — the E-Authentication Gateway did not afford us that opportunity...We think that we are at the point where there is sufficient interoperability in a number of products that we can run with it."

Officials with the E-Authentication program are working with the National Institute of Standards and Technology to develop an authentication interoperability lab that can test products and publish a list of those that will work together, Timchak said.

And commercial and government experts will form an Electronic Authentication Council to develop identity management rules for areas such as trust standards for credential issuers and third-party credentials. The council's first meeting will be Dec. 10, Timchak said.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.