GSA plots single sign-in

Shutterstock image (by NREY): digital fingerprint identification.

What: Expanding Connect.Gov

Why: Navigating the Internet using a tangle of username-password combinations can tax even the sharpest memory. One solution is to use a single trusted identification credential, like a Google or Facebook account, to access a variety of sites. The federal government is taking that approach in its Connect.Gov service, run by the General Services Administration. Formerly known as the Federal Cloud Credential Exchange, Connect.Gov is working toward creating a system in which users can access government websites and services using an existing credential.

If it works, ordinary users of government services will be able to access federal websites using a single login, one that is more secure than a simple username-password because credential owners can lock down access in a variety of ways, such as two-factor authentication using a mobile phone, or a set of encryption keys known only to the user.

The effort is in an early phase. A pilot program called USPS Connect run by the U.S. Postal Services uses credentials from Yahoo, Google, Verizon, ID.me and PayPal to clear users for single-login access to a variety of government services. The single-login idea is at the forefront of the work of the National Strategy for Trusted Identities in Cyberspace, which is run by the National Institute of Standards and Technology.

GSA is looking to go wide with the single-login approach. In an April 16 request for information, GSA is seeking vendors to develop a full operational model for Connect.gov. "The next generation of data-centric digital applications will largely be driven by the government’s ability to inspire trust among its users. This may require agencies to leverage multi-factor authentication, effective identity proofing, and provide a good user experience," per the RFI.

GSA is seeking proposals that conform to one of two operational models. The first imagines Connect.gov run on the basis of two contracts, one for a business broker to approve participating credential service providers and manage relationships with those firms, and a second contract for a technical broker to operate the gateway between the government agency systems and the Connect.gov platform. Under a second model, GSA would manage a blanket purchase agreement or other contract vehicle to cover the business broker and technical broker operations. Under either model, a contractor would be responsible for operating the intermediate layer between the credential provider (Google, PayPal, etc.) and the participating government agencies. The agencies would pay GSA directly to use Connect.Gov.

Responses are due by June 19.

Posted by Adam Mazmanian on Apr 20, 2015 at 12:56 PM


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.