Feds to use 'federated' ID checks

Federal government officials will rely on other organizations to verify users' identities when they apply online for government loans or jobs.

The General Services Administration is building a system to help people feel safe conducting transactions with the federal government via the Internet, said David Temoshok, director of identification policy and management at GSA.

Behind the ambitious project is a federally run interoperability-testing lab to ensure the compatibility of commercial authentication products on which the infrastructure will depend. GSA officials will continue to operate the lab until industry establishes a similar facility, Temoshok said.

Speaking today at an industry event sponsored by the market research firm Input, in Falls Church, Va., Temoshok said citizens would use a Web browser to have their identities verified. Then, they would be redirected to agency Web sites where they will be authorized, or not, to apply for a loan or government benefits, for example.

Depending on the type of transaction, citizens will present different kinds of credentials to prove their identities, Temoshok said. The authentication infrastructure will not require a nationwide system of unique identification such as Social Security numbers or a central registry of personal information, he said.

Instead, the infrastructure will be based on what Temoshok called a federated identity management model. That model, which is in line with commercial trends, depends on relationships of trust among the federal government and others, including international governments, he said.

The federated approach also requires establishing trusted relationships with higher education, health care, financial services and travel industry groups, for example. That trust will be built on common business rules, policies and technologies, Temoshok said.

Using Web browsers for e-authentication is the only practical solution for 280 million U.S. citizens, he said. But for internal transactions among agencies and within agencies, GSA will follow the Defense Department's lead in adopting secure smart cards to verify the identities of federal employees, Temoshok said. A list of GSA-approved smart card suppliers is posted on a GSA Web site.

The governmentwide e-authentication infrastructure will support various government-to-citizen, government-to-business and government-to-government initiatives, and internal efficiency efforts now under way, Temoshok said.

A Transportation Department official who spoke at the morning event said DOT officials plan to be among the first to hook some of their programs into the e-authentication infrastructure. Provided it has the money to do so, the department will make that a major project in fiscal 2005, said Lisa Schlosser, associate chief information officer for information technology program management at DOT.

DOT is beginning to get its computer security problems under control, and the e-authentication infrastructure will play a big part in doing so, Schlosser said. "We were in a terrible cycle," said. "We had no strategic plan. We had no plans."

And with no plans, she said, the department could get no money to fix the security problems.

Featured

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected