GSA promotes new tools to encourage PKI use

GSA promotes new tools to encourage PKI use


The newest public-key infrastructure offerings under the General Services Administration's Access Certificates for Electronic Services program are unlikely to kick-start wide acceptance of PKI in the government, a GSA official contends.

Although agencies are under the gun to meet the Government Paperwork Elimination Act's 2003 deadlines calling for electronic services for most government interactions with the public, they have yet to achieve the mind-set, said David Temoshok, PKI policy manager in GSA's Governmentwide Policy Office.

Agencies 'are just not going to be able to flick a switch and go from a paper-based process to an electronic one,' Temoshok said.

Judith Spencer
Judith Spencer, chairwoman of the federal PKI committee, says she is optimistic.
But agencies are steadily adopting electronic processes, said Judith Spencer, chairwoman of the Federal PKI Steering Committee. Its next PKI status report, due this fall, will probably show an improvement in adoption since last year, she said.

'The obstacle is that this is business process re-engineering,' Temoshok said. Agencies' back-end technologies are not ready for complete conversion from paper to electronic processes, and systems have to be developed to accept the ACES applications, he said.

'The more vendors learn about agencies' needs, the easier and more efficient it's going to be for us,' Temoshok said.

New ACES offerings came out this month from Digital Signature Trust Co. of Salt Lake City, E-Lock Technologies Inc. of Fairfax, Va., and PureEdge Solutions Inc. of Seattle. The three vendors' FedSign signature application adds digital signing capability to ACES.

Digital Signature Trust, a certification authority and PKI application provider, also introduced the $50,000 ACES ekit [GCN, July 2, Page 10]. And the company brought out a service under ACES, the Electronic Transaction Risk Assessment.

Three elements, one from each vendor, make up FedSign for workflow routing and approval. FedSign uses PureEdge's Certificate Validation Module (CAM), which integrates with the ACES certificate arbitrator module. The CAM makes keys interoperable and tracks use.

PKI triumvirate

Assured Office, a server validation module from E-Lock, integrates with Microsoft Corp. operating systems to validate the locations of keys with the appropriate servers. It verifies that a key is coming from a valid destination.

Digital Signature Trust's SimpleSign, the final element, is an application for citizens to digitally sign transactions with the government. Keren Cummins, vice president of government services for Digital Signature Trust, said users could upload digitally signed tax forms to the IRS, for example.

FedSign is only for digital document signatures. If agencies simply want PKI to control access to computers, the ACES ekit is all they need.

Damage control

The Social Security Administration recently piloted Digital Signature Trust's risk assessment service, and other agencies can now buy the service under ACES.

'It's not your traditional penetration test,' Cummins said. 'It's an assessment of the degree of risk in choosing to accept an electronic credential.'

The service estimates the types of damage agencies might incur in finances, privacy or public reputation.

'Is it a $500 contract or a $500,000 contract someone is signing?' Cummins asked. 'If someone's name and phone number are exposed, or if someone screws the system, are you a little bit embarrassed or a lot embarrassed?'


  • Pierce County

    CARES dashboard ensures county spending delivers results

    The CARES Act Funding Outcomes Dashboard helps Pierce County, Wash., monitor funding and key performance indicators for public health emergency response, economic stabilization and recovery, community response and resilience, and essential government services.

  • smart city challenge

    AI-based traffic management improves mobility, saves fuel, cuts pollution

    Researchers are developing a dynamic feedback traffic signal control system that reduces corridor-level fuel consumption by 20% while maintaining a safe and efficient transportation environment.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.