access america-- fulfilling the vision of electronic service delivery peter n. weiss information...
TRANSCRIPT
Access America--Access America--Fulfilling the VisionFulfilling the Vision
of Electronic Service Deliveryof Electronic Service Delivery
Peter N. Weiss
Information Policy and Technology
Office of Management and Budget
Access America
Electronic commerce, electronic mail, and electronic benefits transfer sensitive information within government, between the government and private industry and individuals, and among governments.
-Vice-President Al Gore,
“Access America”
-available at: gits.gov
NPR (Reinventing Government):
Reengineer needed processes, get rid of those no longer needed, and focus on customer service. Electronic forms, commerce, and information security regarded as vital.
Government Paperwork Elimination Act (GPEA) P.L. 105-277 (Title VII)
Agencies to automate interactions with outside partners/customers within five years to the extent practicable.
OMB, in consultation with Commerce and others, to promulgate policies and procedures within 18 months.
Procedures are to encourage both electronic filing and electronic recordkeeping, particularly by employers.
PRA: Paperwork Reduction Act
•Reduce the reporting burden on the public.
•Measures include the number of hours the burden imposes.
•Pre-GPEA emphasis on electronic forms focused on the process to move the form from paper to electronic.
•Actual burden is not substantially reduced.
Other Applicable Laws
GPRA: Government Performance and Results Act
Clinger-Cohen Act (Information Technology Management Act of 1996)
Putting It All Together
Need to reduce burden to the public
Provide customer service in a fundamentally better way
Electronic forms are not, by themselves, necessarily enough
GPEA
GPRANPR
PRA
Clinger-Cohen
CUSTOMER SERVICE
LESS TIME TO ACCESSEASIER TO FILLFASTER TO SUBMITQUICKER RESPONSE AND PROCESSING
Opportunities?
GPEA provides reason to streamline service delivery
Build intelligence into electronic forms to enhance automated processing
Electronic signatures further enables electronic processing
GPEA, technology and infrastructure combined gives powerful reason to move forward
OMB’s Implementing Guidance
64 Fed. Reg. 10896 (Fri., March 5, 1999) Comments due: July 5, 1999 Send e-comments to: [email protected]
Paperwork Elimination
Security: weigh the magnitude of the risk and select an appropriate combination of technology and practice to cost-effectively minimize risk and maximize benefits to agency and to customers
Computer Security Act risk-based standard
Electronic Signature: GPEA Definition (§ 1709(1))
A method of signing an electronic message that--– (A) identifies and authenticates a particular
person as the source of the electronic message; and
– (B) indicates such person’s approval of the information contained in the electronic message.
Signature:UCC Definition (§ 1-201(39))
Any symbol executed or adopted by a party with present intention to authenticate a writing.
Legal Effect and Validity
Electronic records submitted or maintained in accordance with procedures developed under this title, or electronicsignatures or other forms of electronic authentication usedin accordance with such procedures, shall not be deniedlegal effect, validity, or enforceability because such recordsare in electronic form.
-GPEA, section 1707
Factors to Consider in Planning Electronic Systems
Nature of the participants to the transaction
– interagency, intra-agency, public– level of trust based on experience with
other participants or trading partners
Type of transaction– type of activity involved in the transaction
(administrative, regulatory, law enforcement
– contract for goods or services– instrument creating financial or legal
liability– involves inherently sensitive or private
information
Factors to Consider (cont.)
Recordkeeping needs regarding the transaction– One-time information request and
response– Audit– Potential for dispute by a participant– Potential for dispute by a third party– Evidentiary considerations
Factors to Consider (cont.)
Privacy in Electronic Commerce
These electronic systems must protect the information’s confidentiality, assure that the information is not altered in an unauthorized way, and be available when needed.
-Vice-President Al Gore,
“Access America”
Privacy Act (5 U.S.C. 552a)
Federal databases containing personal identifying information in support of PINs, biometrics, or digital signatures are “systems of records.”
Contractor-maintained databases containing personal identifying information, e.g. contracted CA/RA services, are usually covered “systems of records.” Possible exception if certificates are generally available, e.g. SET.
Section 1708 of GPEA
Except as provided by law, information collected in the provision of electronic signature services for communications with an executive agency, as provided by this title, shall only be used or disclosed by persons who obtain, collect, or maintain such information as a business or government practice, for the purpose of facilitating such communications, or with the prior affirmative consent of the person about whom the information pertains.
Privacy and Disclosure: Basic Principles
Electronic authentication should only be required where needed
Tailor authentication needs to the transaction and the participants
Avoid collecting information that is more detailed than required
Inform participants that information collected will be managed consistent with the Privacy Act, Computer Security Act, and any other applicable laws.
Practical Implications/Good Practices
Collect it only if you need it. Disclose conditions and limits of use. Provide reasonable personal access with ability
to correct and/or update. Articulate and disclose protective policies and
measures. Destroy personal information when no longer
needed; important to determine appropriate retention period.
Electronic Commerce Trust Requirements
Authentication - ensure that transmissions and their originators are authentic (identity).
Data integrity - ensure that exchanged data is not reasonably subject to intentional or unintentional alteration.
Confidentiality - limit access to authorized entities.
Authentication/Identity Techniques
Personal Identification Numbers (PINS)
Automated teller machines (with token)
IRS TeleFile, SEC EDGAR (without token) Cryptographic Digital Signatures
Public and private sector pilots, some production applications
Biometrics
Can be used in conjunction with digital signatures
Others: SSL, S/MIME, route certificates
What do they have in common?
PINs, Digital Signatures, and Biometrics require the collection or maintenance of identifying information:
Directly:
Employee to employer
Taxpayer to IRS, Applicant to SSA Or indirectly:
Subscriber to Certification/Registration Authority
How do they differ?
PINs and biometrics/signature dynamics tend to be one to one within a single application, i.e. automates the stovepipes.
Cryptographic digital signatures can be used for multiple applications utilizing digital certificates as a component of a Public Key Infrastructure, i.e. can cut across stovepipes.
The bottom line:
Designing an automated system with better authentication and privacy than paper-based systems is not difficult,
BUT...
...it must be perceived by the user, oversight, and advocacy communities as being better.
– Yoda
Learn from others’ experiences!
Case in point: SSA’s PEBES
Electronic Commerce Sources
"Access America" - Government Information Technology Services Board
http://www.gits.gov
"Framework for Global Electronic Commerce"
http://www.ecommerce.gov
Federal Public Key Infrastructure Steering Committee
http://gits-sec.treas.gov
Personal ID Number (“PIN”)
User enters name and password, or PIN.
PIN is a “shared secret” (known both to the user and to the system)
System checks the PIN to authenticate the user.
Smart Card
Plastic card containing an embedded chip that generates, stores and/or processes data
Computer reads data from the chip when the user enters a PIN or biometric identifier
Assists with implementation
Digitized Signature
Graphical image of a handwritten signature
Software compares a graphical image with the digitized representation
May be combined with PIN or biometric for higher level of security
Shared Private Key (Symmetric) Cryptography
User – signs document and – verifies signature using the same secret
key (long string of numbers) Secret key is shared between the sender
and the recipient, thus not the best authentication mechanism
Public/Private Key (Asymmetric Cryptography) - Digital Signatures
• Two keys, mathematically linked• One is kept private, other is made public• Private not deducible from public• For digital signature: One key signs, the
other validates• For confidentiality: One key encrypts, the
other decrypts
Access with Trust
Describes an essential technological and institutional means of fostering safe, secure electronic interactions, a “Public Key Infrastructure,” or PKI, using cryptographic-based “digital signatures.”
Available at: gits-sec.treas.gov
Challenges
Registration/identity proofing Private keys in hardware vs. software Interoperability within Federal agencies Interoperability outside Federal agencies Digital signature acceptance Directory management Making “the business case”
What PK Technology AllowsWhat PK Technology Allows
Authentication
Non-repudiation
Data integrity
Confidentiality
The Critical Questions
• How can the recipient know with certainty the sender’s public key? (to validate a digital signature)
• How can the sender know with certainty the recipient’s public key? (to send an encrypted message)
The Answer: A PK CertificateThe Answer: A PK Certificate
• A document which is - • Digitally signed by a Certification
Authority,• Based on identity-proofing done by a
Registration Authority,• Containing the individual’s public key,• Some form of the individual’s identity, and• A finite validity period
Public Key Infrastructure
• Registration Authorities to identity proof users
• Certification Authorities to issue certificates and CRLs
• Repositories (publicly available data bases) to hold certificates and CRLs
• Separate from CRLs, mechanisms for status checking of certificates (OCSP)
Agency Implementation
Use and manage electronic signature technology to:
– maximize the ability to authenticate the identity of the originator
– ensure integrity of the contents of the filing