E-authentication gains ground in agencies

Agencies slowly are warming up to using electronic signatures and other forms of electronic verification as a part of their everyday business. The Treasury Department is piloting a smart-card program for electronic and physical access, CIO Drew Ladner said last week at an e-government conference sponsored by Federal Sources Inc. of McLean, Va., and Potomac Forum Ltd. of Potomac, Md.And the Environmental Protection Agency is working on a final rule to let state governments and private companies submit mandatory environmental reports electronically, said Wendy Cleland-Hamnett, who works in the agency’s CIO’s office and is responsible for EPA’s Government Paperwork Elimination Act reporting.“We have been working on this for a number of years and hope to have it out by this fall,” Cleland-Hamnett said. “We are trying to ensure we can trace the signature back to the person in cases of civil or criminal liability.”EPA is considering using a public-key infrastructure with a PIN and password to authenticate a user through the federal e-authentication gateway, she said.Treasury’s test program is for a selected set of employees, and it also is integrated with the agency’s PKI deployment, Ladner said.“We want to ensure convergence with the e-authentication gateway,” Ladner said. “We are aligning the level of risk with the security needed.”The test will continue into the fall, and then Treasury will evaluate the results, Ladner said.“We are interested in looking at different authentication services and what value they can provide,” he added.