Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004.

Similar presentations


Presentation on theme: "1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004."— Presentation transcript:

1 1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004

2 2 The E-Authentication Initiative  E-Authentication provides a blueprint for online identity validation that will enable the American public to access government services in a secure, trusted environment with credentials of their choosing Government Services Must Be Available Online E-Authentication Enables E-Government

3 3 The E-Authentication Initiative What are the Goals of the Initiative?  Build and enable mutual trust needed to support wide-spread use of electronic interactions between the public and Government  Minimize the burden on the public when obtaining trusted electronic services from the Government  Deliver common interoperable authentication solutions, appropriately matching the levels of risk and business needs The Result: Businesses & individuals will be empowered to conduct business with Government at all levels using e-identity credentials provided by trusted institutions

4 4 The E-Authentication Initiative The Concept of E-Authentication Credential Service Provider Agency Application Access Point Application User Step 3Step 2 Step 1 Step 1: At access point (portal, agency Web site or credential service provider) user selects agency application and credential provider Step 2: User is redirected to selected credential service provider If user already possesses credential, user authenticates If not, user acquires credential and then authenticates Step 3: Credential service hands off authenticated user to the agency application selected at the access point

5 5 The E-Authentication Initiative Critical Elements of E-Authentication POLICY Governance Certification Liability Business Model Dispute resolution APPLICATIONS 6500 G2B & G2C applications Gov’t Paperwork Elimination Act OMB mandates TECHNOLOGY Federated model Standards based COTS based Flexible, scalable Extensible CREDENTIAL SERVICE PROVIDERS Federal agencies Financial institutions Health care providers State governments

6 6 The E-Authentication Initiative The OnLine Marketplace  Business and Government moving in the same direction  Services online to Increase accessibility to customer Streamline processes Reduce costs Improve customer satisfaction Issue: How to Fulfill the Demand for Authentication Across the Federal Government Enterprise Shopping Online Transactions of Value to Consumers, Businesses and Government Broadening to

7 7 The E-Authentication Initiative Electronic Government is Evolving  Currently, in e-government transactions, the Federal government is the provider of the identity credential  As e-government evolves, the government intends to get out of the credential management business, and focus on the applications  Enabling industry to provide identity credentials: Eases the burden of doing business with consumers and business Takes government out of the credential issuance/management business Allows government to leverage authentication work done by others

8 8 The E-Authentication Initiative Why is E-Authentication Engaging Commercial Entities?  Because the Federal Government does not want to be in the credential management business, and certain commercial entities – like insurers and other financial institutions – are natural credential service providers (CSPs)  Look in your wallet – what 3 credentials are you most likely to find? A credit card/bank card A health insurance card A State Government-issued driver’s license or photo ID Consumer convenience and trust are key to selecting credential service providers

9 9 The E-Authentication Initiative CSP E-Authentication (Agency Apps) E-Authentication Federated Identity Model ConsumersBusinesses

10 10 The E-Authentication Initiative Governments Federal States/Local International Higher Education Universities Higher Education PKI Bridge Healthcare American Medical Association Patient Safetty Institute Travel Industry Airlines Hotels Car Rental Trusted Traveler Programs Who Can Be in the Trust Network? E-Commerce Industry ISPs Internet Accounts Credit Bureaus eBay Trust Network Financial Services Industry Home Banking Credit/Debit Cards Insurance Absent a National ID and unique National Identifier, the E-Authentication initiative will approve trusted credentials/providers at determined assurance levels.

11 11 The E-Authentication Initiative Business-Focused Applications Type of TransactionSample ApplicationPotential Users Registration Employer Identification Number22.9M small businesses Taxes 80 forms22.9M small businesses Licensing/Permits/ Accreditation Nat’l Park Service Research Permits 3500 researchers, 10,000 permits requested each year Compliance EPA Central Data Exchange15,000 industries and laboratories Grants/Loans/ Subsidies FHA Connection90,000 mortgage lenders – 1.4M loans approved in FY04 Gov’t Contracting E-Offer8,000 primary business contracts; 100,000 projected business users Business Support NASA Integrated Information50,000 contractors, industry participants (350M transaction per year) Int’l Trade Export.gov3 million businesses

12 12 The E-Authentication Initiative Citizen-Focused Applications Type of TransactionSample ApplicationPotential Users Taxes IRS: 87 forms118M returns in 2003 – 52M e-filed, 42M direct deposit Healthcare Health & Human Services’ Transplant Donor 35M potential donors Social Security Statement on Line47M citizens receiving benefits Assistance USA JobsOver 15,000 job postings Recreation Recreation One Stop5.7M campers in 2003 Loans Health & Human Services’ National Student Loan 35M student users Public Safety Dept. of Justice’s Victim Internet System 13M victims and their attorneys Benefits Veterans Affairs Medical and Education Benefits 70M veterans, family members or survivors

13 13 The E-Authentication Initiative Developing a Service  FSTC Working with 5 of the top 10 banks and investment institutions Jointly developing the business model for identity verification services  Shibboleth Analyzing the policy and technical gaps Credential Assessments scheduled with three universities Pilot opportunities with National Park Service  State Governments Aligning with the E-Authentication model Adopting the E-Authentication framework Serving as a credential service provider Becoming a relying party

14 14 The E-Authentication Initiative The Electronic Authentication Partnership State/Local Governments Industry Policy Authentication Assurance levels Credential Profiles Accreditation Business Rules Privacy Principles Technology Adopted schemes Common specs User Interfaces APIs Interoperable COTS products Authz support Federal Government Commercial Trust Assurance Services Policy, Technical, & Business Interoperability Common Business and Operating Rules IDP RP Interoperability for:

15 15 The E-Authentication Initiative E-Authentication Validated by Independent Report  Burton Group, a respected IT research and advisory services firm, reports that E-Authentication: Aligns with industry best practices Provides flexible and pragmatic common approach to authentication Efforts should continue and expand, with fine tuning “The E-Authentication Initiative’s goals are achievable. The anticipated benefits are real and far-reaching, and extend to end-users, governmental organizations, and commercial businesses alike. The E- Authentication Initiative is well- defined, flexible, technically sound, and employs industry best practices.” Burton Group Report on the Federal E- Authentication Initiative, 8/30/04

16 16 The E-Authentication Initiative For More Information Phone Sharon Terango Credential Assessment Mgr. Websites

17 17 The E-Authentication Initiative

18 18 The E-Authentication Initiative Progress to Date  Interoperable Products 9 Approved products currently include Entegrity, Entrust, Hewlett-Packard, IBM, Netegrity, Oblix, RSA, Sun and TrustgenixEntegrity Multiple other products are in test in the Initiative’s Interoperability Lab  Credential Service Providers 16 CSPs currently on the E-Authentication Federal Trust List 8 Level 3 CSPs and 3 Level 4 CSPs (PKI) 2 Level 2 CSPs and 3 Level 1 CSPs (Password) Upgraded OPM Employee Express to Level million Federal Employees soon able to use on eTravel  Applications All E-GOV Presidential Initiatives have completed Risk Assessments Production with Integrated Acquisition Environment - eOffer and FedTEDS tools Completed pilot with Grants.gov and finalizing production plans Demonstrated progress on six additional agency pilots


Download ppt "1 The E-Authentication Initiative E-Authentication: A Federated Approach to Identity Management December 2004."

Similar presentations


Ads by Google