System starts with authentication

Putting a permit application process online opens a cornucopia of possibilities: increasing speed, accuracy and cost-effectiveness, and adding services. But before adding anything, “security has to come first,” said Alison Young, program manager for the Animal and Plant Health Inspection Service’s Comprehensive Electronic Permitting System known as ePermits.

That starts with authenticating users via the Agriculture Department’s eAuthentication program. Users, who include federal agencies, Congress, states, tribes, foreign governments, agricultural interests and the public, first must get Level 2 authentication, she said. “That means their local regulatory authority must verify their identity in person from a valid driver’s license or [similar proof of identity]. Then they get a Level 2 user ID and password to use the system.”

The user signs in on the ePermit Web portal and fills out an online application.

“We also allowed some limited use of Extensible Markup Language for the large companies that apply for a large volume of permits and already had their own internal systems in place,” said Kevin O’Connor, ePermits account manager for contractor Science Applications International Corp. of San Diego.

Payments are handled via a link to the Treasury Department’s, a job O’Connor and Young are glad to hand off. “We made the system secure, but still, collecting and storing all that credit card information—that’s a headache we don’t need,” O’Connor said.

“And it’s not our business to take care of money,” Young added, “so we let Treasury do what they do well.” automatically notifies APHIS of the transaction’s outcome.

With an OK, “the application proceeds through as many as 60 steps needed to approve the permit,” Young says. “There are scientists and a host of people in each organization who need to review and approve each application.”

The workflow system tracks each application, providing an audit trail. “It lets us monitor its progress, make and read comments ... and see who handled it and what they did,” Young said.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

  • Cybersecurity
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    NDAA process is now loaded with Solarium cyber amendments

    Much of the Cyberspace Solarium Commission's agenda is being pushed into this year's defense authorization process, including its crown jewel idea of a national cyber director.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.