Page 24 - index
P. 24
of eGovernment efficiency and cost savings seen in other countries around the world. For
example, in Norway, nearly 100 percent of its citizens and 500,000 businesses now access
more than 300 government services online, resulting in significant cost savings—and
extraordinary improvements in efficiency.
How FCCX Works
FCCX uses federation for single-sign, on so it doesn’t spread users’ credentials around multiple
systems. Agencies allow user access based on a secure handshake with FCCX, without
requiring it to pass on personal credential information. This “circle of trust” leverages security
assertion markup language (SAML), the XML-based, open-standard data format for exchanging
authentication and authorization data. The latest version of SAML, V 2.0, creates a
standardized, cross-domain, web-based, single-sign-on framework. The government chose
SAML because relying on open-source standards is a proven way to reduce spending, increase
efficiency, and provide extra security validation through transparency.
Private businesses—companies such as Google and Facebook—will be able to offer users
access to FCCX through their existing credentials. First, though, they will need to be certified
through the FCCX-approved identity and authentication provider. The Kantara Initiative—which
helped to design SAML V 2.0—is the Trust Framework Provider for the U.S. Federal Identity
Credential Access Management (FICAM) team and will provide policy and technology
interoperability verification for businesses that seek to connect to FCCX.
“We’ve always known that open standards could add considerable value in enabling effective
eGovernment and are pleased to see the direction that NSTIC and FCCX are taking on this,”
said Allan Foster, president at Kantara Initiative. “We look forward to seeing widespread
adoption of open-source-based products such as ForgeRock FederalConnect to help federal
agencies quickly connect to FCCX.”
How agencies can connect to FCCX
For federal agencies, it will be a relief to get out of having to manage citizen identities—but first
they have to come up with a plan for connecting to FCCX and execute on that plan within 18
months. Most agencies are likely to evaluate commercial software based on SAML, because
they want vendors to add value to SAML with the same support, rigorous product-development
processes, and testing that agencies expect from proprietary software. And agencies will be
making their evaluations with their eyes on the clock: the 18-month timeline means they need
ease of implementation and a proven track record. Any product that promises pre-packaged
integration with FCCX is likely to jump to the top of the list for evaluation.
SAML-based FederalConnect fully meets agencies’ requirements. A lightweight packaged
commercial open-source solution, it allows agencies to avoid complex integration efforts: they
24 Cyber Warnings E-Magazine – November 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
