Presentation is loading. Please wait.

Presentation is loading. Please wait.

U.S. General Services Administration Federal Technology Service November 9, 1999 Judith Spencer Director, Center for Governmentwide Security Office of.

Published byClyde Lawrence Modified over 8 years ago

Similar presentations

Presentation on theme: "U.S. General Services Administration Federal Technology Service November 9, 1999 Judith Spencer Director, Center for Governmentwide Security Office of."— Presentation transcript:

1 U.S. General Services Administration Federal Technology Service November 9, 1999 Judith Spencer Director, Center for Governmentwide Security Office of Information Security

2 Paperwork Reduction Act National Performance Review’s Access America FPKISC Access With Trust Government Paperwork Elimination Act Mandates for On-Line Access

3 Facilitates secure on-line access to Government information and services by the Public through the use of public key technology. The ACES Concept

4 Provides a Government-wide Public Key Infrastructure. Provides auxiliary services that participating agencies may need to make use of the Infrastructure. Reduces overall costs by aggregating Government requirements. ACES Features

5 Identity Proofing Certificate Issuance On-line Validation Access to Information Compliance with Federal Requirements Validation Pricing Options The ACES PKI

6 Any Web-based Government Application Access Federal System with ACES Return Personalized Government Benefits/Information Validate Electronic ID (ACES) Secure Web Citizen Getting Services

7 Controlled by the application Application binds certificate identity to specific record data through second level proofing Application determines access based on certificate status and identity Application retains the right to deny access at any time Access to Information

8 Procurement Integrity Act OMB Circular A-130 –Paperwork Reduction Act –Computer Security Act –Privacy Act OMB Circular A-123 –Federal Managers Financial Integrity Act Cryptographic and Digital Signature Standards (FIPS 140-1 and 186) Compliance with Federal Requirements

9 Task Order Based Competition –Certificate Issuance for users Industry Partner provided Identity Proofing Government provided Identity Proofing –Certificate Issuance for agency applications Transaction-based validation pricing –Set by Contract. Common across all awardees. –Transaction Costs are Volume Banded. Higher use, lower rates $1.20 to $0.40 per transaction ACES Pricing Scheme

10 Agency Application Certificate Certificates issued to and renewed by Agencies for applications participating in ACES. Supplemental PKI Services Support for other system integration and PKI requirements such as: products, services, programming, and other systems integration support as may be required to enable Agency applications to implement PKI solutions that meet unique requirements (e.g. encryption Technology Updates Incorporation of new algorithms, formats, technologies, mechanisms, and media Ad Hoc Data Ad hoc data collection, analysis, and/or dissemination services related to ACES infrastructure services. Hardware Tokens Optional hardware token for generation of key pairs and storage of private key. Auxiliary Services Task Order Based

11 ABAecom, America Online, Baltimore Technologies, Booz-Allen Hamilton, Computer Sciences Corp. (CSC), Cygnacom Solutions, Entrust, Microsoft, Netscape National Computer Systems, Price Waterhouse Coopers, Valicert Inc., Xcert International Inc. Cygnacom Solutions, DataKey, Litronics, nCipher, Netscape Verisign, Inc Industry Partners

12 ACES provides strong authentication using identity-based digital signature certificates. Agencies should consider the need for such strong authentication when deciding which on line applications need ACES protection. Five categories of Government to Public communications have been identified by OMB that could require this strong authentication. Defining Need

13 Benefits Grants Filings Personal/Private/Proprietary Information Procurement Five Communication Categories

14 Agency Recognizes a Need ACES PKI Services Auxiliary PKI Services PKI Needs Analysis Sign Relying Party Agreement Contacts OIS Sign MOU w/OIS OIS Contacts Partners to Activate Notifies FEDCAC Partners Provide Billing to FTS FTS aggregates charges, Bills Agency, and pays Partners Finalize SOW Develop Task Order Conduct Evaluation Award Task Order Getting ACES Services

15 Initial ACES Award 9/10/99 Source Selection Ends10/27/99 Certification & Accreditation 9/20/99 - 1/27/00 Certificate Issuance begins12/20/99 Task Order CLINS Available NOW Program Timeframes

16 ACES Program Manager Stanley Choffrey202-708-7943 stanley.choffrey@gsa.gov ACES Contracting Officer Jeanne Davis781-860-7138jeanne.davis@gsa.gov Center for Governmentwide Security Judith Spencer202-708-5600judith.spencer@gsa.gov Contact Information

Download ppt "U.S. General Services Administration Federal Technology Service November 9, 1999 Judith Spencer Director, Center for Governmentwide Security Office of."

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.

The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.
(n)Code Solutions A division of GNFC

(n)Code Solutions A division of GNFC
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Public Key Infrastructure (PKI) Hosting Services.

Public Key Infrastructure (PKI) Hosting Services.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
European Electronic Identity Practices Country Update of …………… Speaker: Date:

European Electronic Identity Practices Country Update of …………… Speaker: Date:
PKI Implementation in the Real World

PKI Implementation in the Real World
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Electronic Government: Law, Policy, and Practice Jonathan P. Womer Information Policy and Technology Office of Management and Budget

Electronic Government: Law, Policy, and Practice Jonathan P. Womer Information Policy and Technology Office of Management and Budget
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Similar presentations

Ads by Google