GSA taps Liberty Alliance for E-Authentication interops testing

The General Services Administration has chosen the Liberty Alliance consortium to do SAML 2.0 interoperability testing for products in its E-Authentication Solution program.

E-Authentication Solutions is part of the president's e-government initiative. 'The purpose is to provide credentialing services for outward facing government applications on the Web,' said acting program executive Tom Kireilis.

The Security Assertion Markup Language specifies an Extensible Markup Language standard for exchanging data for authentication and authorization between security domains. GSA has adopted Version 2.0, the latest version, but SAML interoperability testing has been required throughout the program.

'Before we were doing this in-house,' Kireilis said. 'That is resource-intensive. It became evident' that going to an outside testing authority 'was the thing to do. Given the community that Liberty Alliance represents, they were in the perfect place to provide the testing for us.'

Liberty Alliance is an identity industry consortium whose members include technology vendors and consumer service providers as well as educational and government organizations. The Liberty Alliance Management Board includes representatives from AOL, Ericsson, Fidelity Investments, France Telecom, HP, Intel, Novell, NTT, Oracle and Sun Microsystems.

The E-Authentication program provides assurance level 1 and 2 credentials, which can be a user identification and password. The goal of the program is to enable sign-on with a single set of credentials across multiple applications. In addition to the U.S. program, several other national governments also are deploying SAML 2.0-based applications to enable identity-based access. Use of a common standard could allow federated identity access controls across multiple enterprises.

GSA has certified seven products under its own interoperability testing program, but that number could expand rapidly. Kireilis said there could be hundreds of products tested.

Currently there are 65 relying parties or applications now in the E-Authentication Federation, using these technologies. 'We'll more than double that this year,' Kireilis said. The Office of Management and Budget has directed agencies to prepare plans for enabling targeted applications, and GSA has been working with them in developing their timelines. 'So we know what is coming down the road,' he said.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected