Project Vision
"The Department of the Interior (DOI) will continue to be the leader of the entire Federal Government in transforming the delivery of services in the most secure and safe environment through the use of digital technology."
The vision of the E-authentication project is that DOI employees will have one electronic identity throughout DOI and the Federal Government, thereby eliminating the myriad of passwords, identities, and required log-ins. This single identity will be recognized not only within DOI, but also by all components of the Federal Government. Conversely, all trusted identities issued within the Federal Government will be recognized and used by DOI to identify persons conducting business with DOI.
As the Federal Government modernizes internal processes to reduce costs for agency administration and moves to cross agency applications that are available to all Federal employees, a common, trusted basis for authentication is needed. In April 2003, the Chief Information Officer (CIO) Council created the Federal Identity Credentialing (FIC) Initiative. Subsequently, the Federal Identity Credentialing Committee (FICC) and DOI counterpart (DOI FICC) was formed.
Based on a Budget Data Request conducted by the Office of Management and Budget (OMB) in April - May 2003, the government spends in excess of $160 million in Fiscal Year (FY) 2004 on potentially inconsistent and redundant authentication and identity management infrastructure. Federal agencies have also demonstrated inconsistent approaches to physical security and computer/network security, which leads to increased risks and vulnerabilities to the government.
Significant cost savings can be achieved through infrastructure consolidation and aggregated acquisitions as supported by Section 5113 of the Clinger-Cohen Act (P.L. 104-106) requiring use common IT solutions. FICC eliminates redundancies that exist across agencies today thereby advancing the e-Government agenda, while protecting assets and systems from unauthorized access, as prescribed in Section 3544(a) of the Federal Government Security Management Act (P.L. 107-347) requiring agencies to provide information security protection for the Government's physical and electronic resources and systems.
Among the more compelling reasons to consolidate authentication is the leveraging of security best practices. The consolidated approach ensures that each initiative is drawing upon the best authentication solutions to ensure proof of identity and to protect the confidentiality and sensitivity of data. DOI objectives are to:
- Implement Federal Identity Credentialing requirements in coordination with the Architecture and Infrastructure Subcommittee of the CIO Council;
- Issue Recommended policies, procedures and adopt FICC standards;
- Oversee DOI Federal Identity Credentialing activities in all DOI bureau and office implementations;
- Implement OMB and Office of Personnel Management (OPM) identity proofing minimum requirements;
- Implement specific technologies needed for Federal Identity credentials in accordance with National Institute of Standards and Technology (NIST) guidance and standards; and
- Implement interoperability and security requirements of products and protocols.
These activities will culminate in the creation of a DOI FICC component in the DOI Enterprise Architecture that matches the Federal Enterprise Architecture.
Successful implementation of DOI FICC will enable:
- Streamlined and automated building access, visit requests and authorization across the government;
- Immediate identification and subsequent denial of access for those with revoked credentials;
- Compatibility between physical/logical credentials issued by multiple organizations;
- Reduced human resource requirements for physical access;
- Improved access to interagency electronic processes, including e-forms, e-payroll and e-travel;
- Cross-organizational recognition and authentication of e-mail correspondents, digital signatures, and message integrity.
Accomplishment of DOI FICC requires DOI bureaus and offices to participate in:
- Understanding and implementing a common policy framework for identity credentialing, to include common Public Key Infrastructure (PKI) policy, common smart card policy, and common identity assurance;
- Participating in aggregated buy of smart cards based on identified bureau's and office's requirements per the Budget Data Request conducted in April-May 2003;
- Using Shared/Managed Services Providers for deployment of PKI digital credentials to Federal employees.
DOI will migrate to a smart card based identification process that uses digital certificates and public key technology to provide a much higher level of security. Inward and outward facing applications and processes will be streamlined and provide DOI and the public with secure transactions that cannot be repudiated.
Currently, the Bureau of Land Management (BLM) is the reference E-authentication implementation for DOI and will complete a bureau wide deployment by the end of Calendar Year (CY) 2004 for E-forms and issuing credentials. The Office of the Secretary will be brought on-line and using E-authentication later this year. The E-authentication deployment for smart cards and E-Forms is scheduled for completion to all other DOI components by FY 2006.
Links:
Additional information related to E-authentication:
Security Related Documents:
General Information:
BLM Resources of Information:
PKI Documentation:
