The General Services Administration has issued a draft policy for federal agencies to follow in authenticating electronic transactions by government, creating four levels of authentication assurance--minimal, low, substantial, and high. The policy, according to GSA, promotes use of a standard set of criteria for assessing E-government transactions authentication rules; consistent language when discussing authentication and levels of assurance; secure, easy-to-use, and consistent ways for managing identity in electronic transactions; and reduces fraud in online transactions.
Existing government transactions and systems that require E-authentication must complete a risk assessment and be categorized into one of the four assurance levels by Sept. 15, 2005.
A copy of the draft policy can be obtained at http://edocket.access.gpo.gov/2003/pdf/03-17634.pdf. Comments on the draft must be submitted to GSA no later than Aug. 11.
Quelle: Information Week