GSA to fine tune the digital services infrastructure

T he third generation program to improve federal identity management, Connect.gov, is barely off the ground and the General Services Administration is asking industry what the fourth generation will look like.

GSA issued a request for information April 16 asking vendors to provide insight into where cloud-based or online authentication and credentialing is heading.

“GSA envisions establishing a vibrant identity ecosystem where individual consumers can choose to use a third party-issued, government approved credential they already have and trust to access government sites and services,” GSA wrote in the RFI. “The objective of this RFI is to learn the viability, feasibility, cost- effectiveness, pricing methodology, industry readiness and to explore areas of innovation to better understand the full operating capability of Connect.Gov.”

GSA and the Postal Service launched Connect.gov — formerly called the Federal Cloud Credentialing Exchange (FCCX) — in December. Now there are five sign-in partners, including ID.me, PayPal, Yahoo, Verizon and Google, and three federal relying partners, the departments of Agriculture and Veterans Affairs, and the National Institute of Standards and Technology.

Through Connect.gov, agencies can access all four levels of digital credentials making it easier for citizens and businesses to interact online with the government.

The program builds upon other initiatives that have had limited success, including E-Authentication — one of President George W. Bush administration’s E- Government initiatives — and the Federal Bridge and Public Key Infrastructure. Both programs were heralded with great potential, but failed to live up to the vision because of several reasons, including the technology couldn’t meet the demands and because agencies didn’t see the value.

But with the ever-growing cyber threats and the understanding that username and passwords are impossible to secure, GSA sees an opportunity to finally move the government into a broad vision that first came in the late 1990s or early 2000s.. The technology and value proposition are clear that complex and advanced identity management is not only doable, but necessary.

So that brings us to Connect.gov. USPS awarded the initial $15.1 million contrct to SecureKey Technologies in 2013 to set up the back-end infrastructure.

Now, GSA wants to see where Connect.gov can go in the future. The RFI asks for input around two potential operating models:

• GSA operates two broker contracts. One would be for a technical broker to provide a “credential exchange platform.” This would let consumer agencies leverage multiple entities to authenticate and validate the identities of their customers, while providing security, maintenance, integration and technical support services of the platform.

  The second contract would be for a business broker, which would provide business relationship management with the approved identity service, customer relationship management, and offer ancillary services such as program/project management, support, communication, reporting, billing, auditing, and other professional services necessary to fulfill consumer agency business needs.

• GSA manages a single broker contract. Under this model, the one vendor would offer all Connect.gov services, while GSA would manage the contract.

Responses to the RFI are due by June 19 and GSA says it will hold an industry day before the deadline.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.