GSA plots single sign-in

Shutterstock image (by NREY): digital fingerprint identification.

What: Expanding Connect.Gov

Why: Navigating the Internet using a tangle of username-password combinations can tax even the sharpest memory. One solution is to use a single trusted identification credential, like a Google or Facebook account, to access a variety of sites. The federal government is taking that approach in its Connect.Gov service, run by the General Services Administration. Formerly known as the Federal Cloud Credential Exchange, Connect.Gov is working toward creating a system in which users can access government websites and services using an existing credential.

If it works, ordinary users of government services will be able to access federal websites using a single login, one that is more secure than a simple username-password because credential owners can lock down access in a variety of ways, such as two-factor authentication using a mobile phone, or a set of encryption keys known only to the user.

The effort is in an early phase. A pilot program called USPS Connect run by the U.S. Postal Services uses credentials from Yahoo, Google, Verizon, ID.me and PayPal to clear users for single-login access to a variety of government services. The single-login idea is at the forefront of the work of the National Strategy for Trusted Identities in Cyberspace, which is run by the National Institute of Standards and Technology.

GSA is looking to go wide with the single-login approach. In an April 16 request for information, GSA is seeking vendors to develop a full operational model for Connect.gov. "The next generation of data-centric digital applications will largely be driven by the government’s ability to inspire trust among its users. This may require agencies to leverage multi-factor authentication, effective identity proofing, and provide a good user experience," per the RFI.

GSA is seeking proposals that conform to one of two operational models. The first imagines Connect.gov run on the basis of two contracts, one for a business broker to approve participating credential service providers and manage relationships with those firms, and a second contract for a technical broker to operate the gateway between the government agency systems and the Connect.gov platform. Under a second model, GSA would manage a blanket purchase agreement or other contract vehicle to cover the business broker and technical broker operations. Under either model, a contractor would be responsible for operating the intermediate layer between the credential provider (Google, PayPal, etc.) and the participating government agencies. The agencies would pay GSA directly to use Connect.Gov.

Responses are due by June 19.

Posted by Adam Mazmanian on Apr 20, 2015 at 12:56 PM


Featured

  • Image: Shutterstock

    COVID, black swans and gray rhinos

    Steven Kelman suggests we should spend more time planning for the known risks on the horizon.

  • IT Modernization
    businessman dragging old computer monitor (Ollyy/Shutterstock.com)

    Pro-bono technologists look to help cash-strapped states struggling with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help.

Stay Connected