E-Authentication

The General Services Administration (GSA) created the E-Authentication initiative to allow for the reuse of credentials across multiple federal and state systems. E-Authentication is the process of confirming the identity of individuals who want to access a computer system or network, by validating their credentials (PIN, password, digital certificate, etc.) when they are trying to sign on. Innovate was brought on board to lead and streamline the GSA E-Authentication initiative for EPA. We have completed three phases of work on this project.
Phase I

  • Established and pilot tested a prototype system that allows both federal and state applications to leverage PKI credentials issued to end-users from other systems.
  • Assessed the impact of the E-Authentication Initiative’s approach on federal and state agency applications, credential services, and end-users who access those applications through web browsers.
  • Determined the applicability of the pilot findings in other environments.
  • Accomplished these goals using COTS products, and clearly identified any customization necessary.
  • Established a linkage between the EPA-State Network and the Federal Bridge for purposes of validating certificates presented by end-users at web browsers.
  • Tested the use of an available Step-down Translator.
  • Proved the E-Authentication Federal Bridge and federated architectures work – and work together — outside a lab environment, and determined the lessons of deployment and operation outside the lab.
  • Successfully demonstrated prototype operations of the E-Authentication architecture in a test environment.
  • Implemented the pilot on Delaware i-STEPS.

Phase II & III

  • Designing, developing, and testing the authentication of browser-based end-users to applications requiring Level 3 assurance and deployed the E-Authentication architecture in the Web services network environment provided by the EPA-State Network.
  • Demonstrating the reusability of PKI Level 3 credentials for authentication of end-users across multiple federal and state applications requiring Level 3 assurance.
  • Validating the use of federated identity architecture in a Web services network environment.
  • Implementing in production E-Authentication required to support the State of Indiana’s EMITS application for 10 users.
  • Implementing production PKI certificate validation services within the architecture of CDX-Node.
  • Establishing and testing a Production system that allows both federal and state applications to leverage PKI credentials issued to end-users from other systems.
  • Assessing the impact of the E-Authentication Initiative’s approach on federal and state agency applications, credential services, and end-users that access those applications through Web browsers.
  • Developing a monthly transaction report capability for generating reports to GSA as part of the E-Authentication reporting requirements.
  • Enabling Indiana’s EMITS system to access these certificate validation services by making appropriate calls to, and receiving appropriate responses from, CDX-Node.The project was implemented on the Indiana EMITS and EPA Ozone Depletion Systems (ODS).