by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : May 15, 2015
their default choice for government interactions, the need to provide safe access has become even more important. The sharp rise in the use of mobile devices to access federal websites adds another dimension to the security challenge. The White House’s 2012 Digital Government Strat- egy states that “policies governing identity and credential management may need to be revised to allow the introduc- tion of new solutions that work better in a mobile world.” In general, identity management undergirds efforts to secure a range of IT activities, from mobility strategies to big-data initiatives. “Identity and access management is the foundation for all security,” said Paul Christman, vice president of the public sector at Dell Software. The fundamentals In 2009, the White House published a Cyberspace Policy Review that included the need to create a “cybersecurity- based identity management vision and strategy” on a list of 10 action items. That paper led to the launch in 2011 of the National Strategy for Trusted Identities in Cyberspace, which works with private- and public-sector entities to sup- port the development of interoperable identity credentials. That move set the stage for a cloud-based, federated identity management solution. A NIST-managed National Program Office coordinates NSTIC activities. The office collaborated with the General Services Administration to draft the requirements for the Federal Cloud Credential Exchange and awarded a contract to SecureKey Technologies in 2013 to create the exchange. FCCX was designed to let people use third-party credentials to access federal services online. In addition to improving the user experience, the governmentwide exchange would help agencies sidestep the cost of credentialing the same person numerous times. FCCX is now known as Connect.gov and falls under the auspices of GSA. The program allows people to use digital credentials provided by government-approved sign-in part- ners to confirm their identities when requesting access to online government services. When they log in, users consent to share what Connect. gov describes as a “limited set of personally identifiable information.” Connect.gov then serves as the pipeline for transmitting identity information from the sign-in partner to the agency’s online application. Jennifer Kerber, director of Connect.gov in GSA’s Office of Citizen Services and Innovative Technologies, said Con- nect.gov has contracts with ID.me and Verizon to serve as sign-in partners, and other contracts will follow. “We want to add more in the future to provide choice for the users,” she said. Kerber noted that six agencies are currently integrating with Connect.gov, and NIST, the State Department and the Department of Veterans Affairs will likely be the first to use the system. In another development, Connect.gov’s core technology, which is provided by SecureKey, was granted provisional authority to operate under the Federal Risk and Authoriza- tion Management Program. SecureKey CEO Charles Walton said that although FedRAMP certification is required for cloud-based services, it could have broader applications. “As other online organizations start to use cloud-based services and cloud-based identity and authentication, FedRAMP lends a stamp of approval on our services,” he said. Connect.gov is not the only federal credentialing effort, May 15, 2015 FCW.COM 25 3. Customer’s identity information is transferred to the agency Once the customer has consented to share a limited set of personally identifiable information with the partner, Connect.gov facilitates the transmission of the identity information to the agency application. 4. Customer is given access to the online agency service The customer now has access to the agency’s application. Once a customer has registered with a sign-in partner, he or she can sign into all online government services that use Connect.gov. 0515fcw_024-026.indd 25 4/22/15 9:05 AM
April 30, 2015
May 30, 2015