GSA plots single sign-in

Shutterstock image (by NREY): digital fingerprint identification.

What: Expanding Connect.Gov

Why: Navigating the Internet using a tangle of username-password combinations can tax even the sharpest memory. One solution is to use a single trusted identification credential, like a Google or Facebook account, to access a variety of sites. The federal government is taking that approach in its Connect.Gov service, run by the General Services Administration. Formerly known as the Federal Cloud Credential Exchange, Connect.Gov is working toward creating a system in which users can access government websites and services using an existing credential.

If it works, ordinary users of government services will be able to access federal websites using a single login, one that is more secure than a simple username-password because credential owners can lock down access in a variety of ways, such as two-factor authentication using a mobile phone, or a set of encryption keys known only to the user.

The effort is in an early phase. A pilot program called USPS Connect run by the U.S. Postal Services uses credentials from Yahoo, Google, Verizon, ID.me and PayPal to clear users for single-login access to a variety of government services. The single-login idea is at the forefront of the work of the National Strategy for Trusted Identities in Cyberspace, which is run by the National Institute of Standards and Technology.

GSA is looking to go wide with the single-login approach. In an April 16 request for information, GSA is seeking vendors to develop a full operational model for Connect.gov. "The next generation of data-centric digital applications will largely be driven by the government’s ability to inspire trust among its users. This may require agencies to leverage multi-factor authentication, effective identity proofing, and provide a good user experience," per the RFI.

GSA is seeking proposals that conform to one of two operational models. The first imagines Connect.gov run on the basis of two contracts, one for a business broker to approve participating credential service providers and manage relationships with those firms, and a second contract for a technical broker to operate the gateway between the government agency systems and the Connect.gov platform. Under a second model, GSA would manage a blanket purchase agreement or other contract vehicle to cover the business broker and technical broker operations. Under either model, a contractor would be responsible for operating the intermediate layer between the credential provider (Google, PayPal, etc.) and the participating government agencies. The agencies would pay GSA directly to use Connect.Gov.

Responses are due by June 19.

Posted by Adam Mazmanian on Apr 20, 2015 at 12:56 PM


Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.