U.S. General Services Administration Federal Technology Service November 9, 1999
-
Upload
simone-strong -
Category
Documents
-
view
25 -
download
0
description
Transcript of U.S. General Services Administration Federal Technology Service November 9, 1999
U.S. General Services Administration
Federal Technology ServiceNovember 9, 1999
Judith SpencerDirector, Center for Governmentwide SecurityOffice of Information Security
• Paperwork Reduction Act
• National Performance Review’s Access America
• FPKISC Access With Trust
• Government Paperwork Elimination Act
Mandates for On-Line Access
Facilitates secure on-line access to
Government information and services by
the Public through the use of public key
technology.
The ACES Concept
• Provides a Government-wide Public Key Infrastructure.
• Provides auxiliary services that participating agencies may need to make use of the Infrastructure.
• Reduces overall costs by aggregating Government requirements.
ACES Features
• Identity Proofing
• Certificate Issuance
• On-line Validation
• Access to Information
• Compliance with Federal Requirements
• Validation Pricing Options
The ACES PKI
Any Web-basedGovernmentApplication
Access FederalSystem with ACES
Return PersonalizedGovernment Benefits/Information
Validate ElectronicID (ACES)
Secure Web
Citizen
Getting Services
• Controlled by the application
• Application binds certificate identity to specific record data through second level proofing
• Application determines access based on certificate status and identity
• Application retains the right to deny access at any time
Access to Information
• Procurement Integrity Act
• OMB Circular A-130– Paperwork Reduction Act
– Computer Security Act
– Privacy Act
• OMB Circular A-123– Federal Managers Financial Integrity Act
• Cryptographic and Digital Signature Standards (FIPS 140-1 and 186)
Compliance with Federal Requirements
• Task Order Based Competition– Certificate Issuance for users
• Industry Partner provided Identity Proofing• Government provided Identity Proofing
– Certificate Issuance for agency applications
• Transaction-based validation pricing– Set by Contract. Common across all awardees.
– Transaction Costs are Volume Banded. • Higher use, lower rates• $1.20 to $0.40 per transaction
ACES Pricing Scheme
Agency Application CertificateCertificates issued to and renewed by Agencies for applications participatingin ACES.
Supplemental PKI ServicesSupport for other system integrationand PKI requirements such as:products, services, programming, andother systems integration support asmay be required to enable Agencyapplications to implement PKI solutionsthat meet unique requirements(e.g. encryption
Technology UpdatesIncorporation of newalgorithms, formats, technologies,mechanisms, and media
Ad Hoc DataAd hoc data collection,analysis, and/or dissemination services related to ACES infrastructure services.
Hardware TokensOptional hardware tokenfor generation of key pairsand storage of private key.
Auxiliary Services
Task Order Based
ABAecom, America Online, Baltimore Technologies, Booz-Allen Hamilton, Computer Sciences Corp. (CSC), Cygnacom Solutions, Entrust, Microsoft, NetscapeNational Computer Systems, Price Waterhouse Coopers, Valicert Inc., Xcert International Inc.
Cygnacom Solutions, DataKey, Litronics, nCipher, Netscape Verisign, Inc
Industry Partners
• ACES provides strong authentication using identity-based digital signature certificates.
• Agencies should consider the need for such strong authentication when deciding which on line applications need ACES protection.
• Five categories of Government to Public communications have been identified by OMB that could require this strong authentication.
Defining Need
• Benefits
• Grants
• Filings
• Personal/Private/Proprietary Information
• Procurement
Five Communication Categories
Agency Recognizes a
Need
ACES PKI Services Auxiliary PKI
Services
PKI Needs Analysis
Sign Relying Party Agreement
Contacts OIS
Sign MOU w/OIS
OIS Contacts
Partners to Activate
Notifies FEDCAC
Partners Provide Billing to
FTS
FTS aggregates
charges, Bills Agency, and
pays Partners
Finalize SOWDevelop Task OrderConduct EvaluationAward Task Order
Getting ACES Services
Initial ACES Award 9/10/99
Source Selection Ends 10/27/99
Certification & Accreditation 9/20/99 - 1/27/00
Certificate Issuance begins 12/20/99
Task Order CLINS Available NOW
Program Timeframes
ACES Program Manager
Stanley Choffrey 202-708-7943 [email protected]
ACES Contracting OfficerJeanne Davis 781-860-7138 [email protected]
Center for Governmentwide SecurityJudith Spencer 202-708-5600 [email protected]
Contact Information