Justice pilots federated identity broker
- By Joab Jackson
- Feb 27, 2007
The Justice Department is piloting a federated identity management system that could be used to verify government online identities across different agencies.
The Law Enforcement Information Sharing Program, run by Justice's Office of the Chief Information Officer, could offer validated user credentials to multiple applications across multiple agencies, noted Boris Shur, Justice manager for the pilot. Shur outlined the project
at the Collaborative Expedition Workshop, held today in Arlington, Va.
The system works by establishing a trusted broker to act as a liaison between applications and providers of user credentials. With a trusted broker in place, a user can request access to an application outside his or her own agency, and that application can request credentials from that broker, which has gathered such credentials from the identity providers.
Such a federated approach could cut the complexity that would ensue as more applications are opened to outside agencies. The trusted broker could eliminate the need to establish individual handshakes between applications and identity providers. It could also cut down on the format headaches, as both applications and identity providers can communicate with the trusted broker in its own native format and protocol. It is up to the trusted broker to provide all the relevant protocols and formats, Shur said.
At present, the LEISP system communicates credentials using the Public Key Infrastructure, the Security Assertion Markup Language and the Web Services Federation Language. It interacts with a number of applications as well as with a number of identity servers, such as the Sun One Identity Server and the Hewlett-Packard OpenView Select Federation.
The pilot will run until July, and the program managers plan to issue a report afterwards that assesses this federated approach.
'If [the pilot] is good enough, it is our intention to establish a trusted-broker infrastructure, within at least DOJ,' Shur said.
Joab Jackson is the senior technology editor for Government Computer News.