1

E-Authentication

The E-Authentication/Grants Demonstration

2

E-Authentication

E-Authentication Grants Pilot

Multiple Federal agency partners

E-Authentication-enabled applications

SAML-based (Security Assertion Markup Lang.)

Demonstrates multi-domain single sign on (MDSSO)

Involving a variety of systems and platforms

3

E-Authentication

System Components Overview

USDA

Users

ORC Grants.gov

FastLane

Credential Service ProvidersAgency Applications

E-Authentication Portal

4

E-Authentication

E-Authentication Portal

UsersE-Authentication Portal

•Primary Access Point for E-Authentication•Lists the available applications

•Lists the associated credential service providers

5

E-Authentication

Credential Service Providers

USDA

Users

ORC

Credential Service Providers

•Provide the logon interface

•Validate the provided credentials

•Are trusted partners

6

E-Authentication

Agency Applications

Users

Grants.gov

FastLane

Agency Applications

•Provide the agency specific functions

•Must be E-Authentication enabled

7

E-Authentication

Demonstration Outline

Use of a USDA credential service to access the NSF FastLane application (use of external credentials)

Use of a commercial credential service to access the same agency application (use of third-party credentials)

Use of the USDA credential service to access the Grants.gov portal application and the NSF FastLane application (use of external credentials and single sign on to multiple agency applications)

8

E-Authentication

Case 1: FastLane application is accessed using an external credential service

User Terry McBride

• Starts at the Firstgov.gov E-Authentication Portal• Selects the NSF FastLane application• Selects the USDA Credential Service• Username and password is validated

9

E-Authentication

Demo Case 1

10

E-Authentication

Case 2: FastLane application is accessed using an ORC credential – Terry can use either credential at the FastLane application

User Terry McBride

• Starts at the Firstgov.gov E-Authentication Portal• Selects the NSF FastLane application• Selects the ORC Credential Service• Username and password is validated

11

E-Authentication

Demo Case 2

12

E-Authentication

Case 3: USDA credential is used to access the Grants.gov and the NSF FastLane application, demonstrating multi-domain single sign on

User Terry McBride

• Starts at the E-Authentication portal• Selects the NSF FastLane application• Checks Remember Credential Service box• Selects the USDA credential• Selects Grants.gov from favorites and is

redirected without re-authenticating

13

E-Authentication

Demo Case 3