1. E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative

2. 2 The Challenge  All agencies grappling with online Identity Management issues  “Silo-ed” applications and disconnected security policies causing proliferation of online identity credentials for federal employees, businesses, and consumers  Best practices increasingly dictating holistic or enterprise approach to solving online Identity Management challenge The Answer A single solution that enables a more uniform application of electronic authentication across the Federal Enterprise

3. 3 The E  Authentication Initiative E-Authentication Mission  Enable millions of safe, secure, trusted online transactions between Government and the citizens and businesses that it serves  Reduce online identity management / credentialing burden for government agency application owners and system administrators  Provide citizens and businesses with a choice of credentials when accessing public-facing online government agency applications E-Authentication Strategy  Build the E-Authentication Federation, wherein government agencies can rely on electronic identity credentials – such as PINS/ /user IDs/passwords – issued and managed by other organizations within and outside the federal government

4. 4 The E  Authentication Initiative E-Authentication Federation  The set of government agency applications and credential service providers (CSPs) that have agreed to adopt a set of agreements, standards, and technologies to make identity portable across multiple domains Credential service providers are those organizations – both government and commercial – approved by E-Authentication to issue trusted online identity credentials, such as PINS/User IDs/Passwords/PKI certificates, upon which other Federation members can rely to grant access to online systems

5. 5 The E  Authentication Initiative Building the E-Authentication Federation Business & Operating Rules Operational Infrastructure Agency Applications/ Credential Service Providers Policy Technical Standards Completed FY 2004 Scheduled for completion Q1-3 FY ‘05 Scheduled for Federation membership Q4 FY ’05 and beyond

6. 6 The E  Authentication Initiative Architecture Driven by Interoperability and Standards  The architecture is based on industry best-practices: Open standards-based, federated identity management Security Assertion Markup Language (SAML) 1.0 in place now, SAML 2.0 support planned Liberty Alliance and WS-Federation support is also planned  Architecture supported by interoperable products: 9 products on Approved E-Authentication Technology Providers List – meaning all have demonstrated interoperability using SAML 1.0 artifact profile  First-of-its-kind Interoperability Lab supports: Product testing Technical support CSP and Agency Application testing

7. 7 The E  Authentication Initiative Credential Service Providers are Committed  Key Federal CSPs are on board Employee Express USDA NSF FastLane  Targeted key vertical markets as potential credential service providers – Financial institutions initial focus Partnering with Financial Services Technology Consortium (FSTC) 7 of top 10 financial organizations at the table  Other verticals beyond Federal sector State & local government – outreach underway Healthcare – outreach in early ’06 (Safe Initiative/Pharma) Higher Education – outreach in early ‘06

8. 8 The E  Authentication Initiative Credential Service Providers are Committed  Why we targeted Financial Institutions first: Authentication lies at the core of existing financial services products Know-your-customer (KYC) required by law Financial institutions own 3 powerful assets: Trust 90+% of the US population has banking relationship & 53M have bank- issued credentials (Pew) Strongly authenticated identities Law requires more than KYC – it requires that customers’ identities be protected

9. 9 The E  Authentication Initiative E-Authentication Validated by Independent Report  Burton Group, a respected IT research and advisory services firm, reports that E- Authentication: Aligns with industry best practices Provides flexible and pragmatic common approach to authentication Efforts should continue and expand, with fine tuning “The E-Authentication Initiative’s goals are achievable. The anticipated benefits are real and far-reaching, and extend to end-users, governmental organizations, and commercial businesses alike. The E- Authentication Initiative is well- defined, flexible, technically sound, and employs industry best practices.” Burton Group Report on the Federal E- Authentication Initiative, 8/30/04

10. 10 The E  Authentication Initiative Use of Federated Identity is Growing  According to Burton Group, more than 300 businesses deploying SAML-based federations this year Boeing Airline mechanics and ground service personnel General Motors 500,000 employees, customers and trading partners Fidelity Investments Employees and plan administrators from over 11,000 companies SAFE-BioPharma Major pharmaceutical research firms and regulators

11. 11 The E  Authentication Initiative For More Information Phone E-mail Steve Timchak 703-872-8604 stephen.timchak@gsa.govstephen.timchak@gsa.gov Project Executive Georgia Marsh 703-872-8614 georgiak.marsh@gsa.govgeorgiak.marsh@gsa.gov Deputy Program Manager Brian Doherty703-872-8606brian.doherty@gsa.govbrian.doherty@gsa.gov Communications Director Websites http://cio.gov/eauthentication http://cio.gov/fpkipa