Upload
others
View
15
Download
0
Embed Size (px)
Citation preview
11
ROES and EROES and E--Authentication Authentication Online Ordering for Online Ordering for Veterans and Other Veterans and Other
Government AgenciesGovernment AgenciesAssociation of VA AudiologistsAssociation of VA Audiologists
Annual MeetingAnnual MeetingApril 2, 2008April 2, 2008
22
Overview of PresentationOverview of Presentation
Veteran online orderingVeteran online orderingEE--AuthenticationAuthenticationLive demoLive demoOGA/OGA/DoDDoD orderingorderingQ&AQ&A
44
NonNon--VA Customers of the DALCVA Customers of the DALC
Customer groups Customer groups (current)(current)
VeteransVeteransOGA/DoD AudiologistsOGA/DoD Audiologists
Online ordering Online ordering issuesissues
Targeted ordering Targeted ordering functionsfunctionsAccessAccess
55
Online Ordering PartnershipOnline Ordering PartnershipTargeted ordering Targeted ordering functions (ROESfunctions (ROES--Public)Public)
Veteran orders Veteran orders –– batteriesbatteriesOGA/DoD orders OGA/DoD orders –– any any DALC itemsDALC itemsVeteran orders Veteran orders –– other other commoditiescommodities
Potential future Potential future capabilitiescapabilities
Patient education materialsPatient education materialsTRICARE provider ordersTRICARE provider ordersActive duty military orders Active duty military orders –– batteries & commoditiesbatteries & commoditiesVA patients VA patients –– outcome outcome measuresmeasures
Access (EAccess (E--Authentication)Authentication)RequirementsRequirements
BrowserBrowser--basedbasedPublicPublic--facingfacingRequire authenticationRequire authentication
InfrastructureInfrastructureSingle access method for Single access method for multiple government and multiple government and VA applications (including VA applications (including My HealthMy HealtheeVetVet))
66
Ways for veterans to request Ways for veterans to request batteriesbatteries
PrePre--printed mailprinted mail--in cardin cardEE--mailmailPhone requestPhone requestWalkWalk--ininClinic order for patientClinic order for patientOnline via the webOnline via the web
77
Veteran Online Battery OrderingVeteran Online Battery Ordering
Ordering rules similar to those for any Ordering rules similar to those for any other veteran battery orderother veteran battery order
Allowable only for devices authorized on the veteran Allowable only for devices authorized on the veteran recordrecordDALC battery schedule applied to determine correct DALC battery schedule applied to determine correct 66--month quantity for ordermonth quantity for order55--month interval required between orders for the month interval required between orders for the same device (exceptions same device (exceptions –– call DALC)call DALC)Only batteries maintained and available in DALC Only batteries maintained and available in DALC inventory can be orderedinventory can be ordered
99
Veteran Battery Ordering Veteran Battery Ordering –– Order PlacementOrder Placement
XXXXX XXXXXXXXXX XXXXX
1010
What is Authentication?What is Authentication?
The process of determining a system user really The process of determining a system user really is who they claim to be is who they claim to be
Identification = Who they claim to beIdentification = Who they claim to beAuthentication = The claim is validatedAuthentication = The claim is validatedAuthorization = What they can do Authorization = What they can do
Authentication factorsAuthentication factorsSomething you knowSomething you know (PIN, Password)(PIN, Password)Something you haveSomething you have (Token, Smart Card)(Token, Smart Card)Something you areSomething you are (Biometrics)(Biometrics)
1111
Authentication LevelsAuthentication LevelsNational Institute of Standards & National Institute of Standards & Technology (NIST) 800Technology (NIST) 800--63 Electronic 63 Electronic Authentication GuidelineAuthentication Guideline
Defines levels of Authentication Assurance Defines levels of Authentication Assurance Four distinct levels Four distinct levels Establishes the level of Establishes the level of ““confidenceconfidence”” or or ““assuranceassurance”” in user identitiesin user identities
1122
3344
1212
Federal EFederal E--Auth Auth Long TermLong Term GoalsGoals
Government wide EGovernment wide E--Authentication Authentication FederationFederation
Provide citizens the ability to authenticate to Provide citizens the ability to authenticate to multiple federal applications utilizing a single multiple federal applications utilizing a single federated credential federated credential
Achieve economies of scale Achieve economies of scale Minimizing individual agencies requirements Minimizing individual agencies requirements for maintaining identity information and for maintaining identity information and proofing processes proofing processes
1313
Federal EFederal E--Auth Overview Auth Overview One of the 24 eOne of the 24 e--Gov InitiativesGov InitiativesPresidentPresident’’s Management Agenda (PMA)s Management Agenda (PMA)Paperwork Reduction ActPaperwork Reduction ActMilestones tracked on Agency OMB ScorecardMilestones tracked on Agency OMB ScorecardGSA is managing partner for OMBGSA is managing partner for OMBGSA Program Management Office GSA Program Management Office (GSA PMO)(GSA PMO)GSA PMO Executive Steering Committee GSA PMO Executive Steering Committee (GSA PMO ESC)(GSA PMO ESC)
Membership represents participating federal agencies Membership represents participating federal agencies
1414
Federation ComponentsFederation ComponentsCredential Service Provider Credential Service Provider
https://csp.orc.comhttps://csp.orc.comUser obtains credentialUser obtains credentialUser authenticates to CSPUser authenticates to CSPCSP manages credential lifecycleCSP manages credential lifecycle
End user support & forgotten passwordsEnd user support & forgotten passwords
Relying PartyRelying PartyDepartment of Veterans AffairsDepartment of Veterans Affairs
Agency ApplicationsAgency ApplicationsSome state government applications are considering Some state government applications are considering joining also joining also
1515
EE--Authentication Federation Authentication Federation InformationInformation
GSA Portal GSA Portal http://asc.gsa.govhttp://asc.gsa.gov
NIST ENIST E--Authentication GuidanceAuthentication Guidancehttp://csrc.nist.govhttp://csrc.nist.gov
For additional information about EFor additional information about E--Gov and the Gov and the Federal EFederal E--Gov StrategyGov Strategyhttp://www.egov.govhttp://www.egov.gov
Federal EFederal E--Authentication Information and NewsAuthentication Information and Newshttp://www.cio.gov/eauthentication/http://www.cio.gov/eauthentication/
1616
Where are we now?Where are we now?Official Federation MemberOfficial Federation MemberProduction infrastructure deployedProduction infrastructure deployed
Traffic EncryptionTraffic EncryptionSupport for My HealthSupport for My HealtheeVet (level 2)Vet (level 2)Support for ROES (level 2)Support for ROES (level 2)Planning underway with multiple VA applicationsPlanning underway with multiple VA applicationsWeb site Web site www.va.gov/eauthwww.va.gov/eauthAdditional Federation potential both internal and Additional Federation potential both internal and externalexternalIdentity and Access Management (IDAM) Identity and Access Management (IDAM) StrategyStrategy
1717
FutureFuture of IDAM Strategyof IDAM Strategy
OneVA ProofingOneVA ProofingOneVA IdentityOneVA IdentityOne VA AccessOne VA AccessProvisioningProvisioningSingle Sign OnSingle Sign OnElectronic SignatureElectronic SignaturePKI EnablementPKI EnablementPossibly become a Federation CSP Possibly become a Federation CSP
1818
Live Demonstration of a Veteran Live Demonstration of a Veteran Battery OrderBattery Order
ORC Main Pagehttps://csp.orc.com/main.jsp?tag=0
GSA Portal PageHttp://asc.gsa.gov
http://asc.gsa.gov/portal/template/FindAgencyApplications.vm?tab=Citizens
VA E-Auth Homepagehttp://www.va.gov/eauth
2020
OGA/DoD OrderingOGA/DoD OrderingROES functionality very similar to that available to VA ROES functionality very similar to that available to VA audiologistsaudiologists
Hearing aid orderingHearing aid orderingFlexibility in device selection, including search featureFlexibility in device selection, including search featureDetailed selection of hearing aid featuresDetailed selection of hearing aid featuresOpportunity to include audiometric measuresOpportunity to include audiometric measures
Registration of devicesRegistration of devicesManagement of loss & damage (L&D) replacementsManagement of loss & damage (L&D) replacementsCommodity orderingCommodity orderingStock ordersStock ordersAdditional functionalitiesAdditional functionalities
Deviations from VA ROESDeviations from VA ROESNot driven by VA eligibilityNot driven by VA eligibilityAllows use of purchase cardAllows use of purchase card
2525
EE--Auth access for DoD clinical staffAuth access for DoD clinical staff
Credentialing through the ORC is oriented Credentialing through the ORC is oriented toward the toward the ‘‘citizencitizen’’ useruserAdditional credentialing methods are being Additional credentialing methods are being examined for examined for ‘‘institutionalinstitutional’’ DoDDoD usersusers
Credentialing through the existing CAC card Credentialing through the existing CAC card is one possibilityis one possibility
2626
Getting the Word Out!Getting the Word Out!Advertising actions under wayAdvertising actions under way
Inserts in DALC battery orders and box setupsInserts in DALC battery orders and box setupsNotification in DALC battery order eNotification in DALC battery order e--mail mail confirmationsconfirmationsVeteran contact with DALC Customer Service SectionVeteran contact with DALC Customer Service SectionWeb (http://www.va.gov/eauth)Web (http://www.va.gov/eauth)AVAA presentation!AVAA presentation!Provider word of mouth to patients!Provider word of mouth to patients!
Printed material being prepared for distributionPrinted material being prepared for distributionASPS clinics should expect to receive materialsASPS clinics should expect to receive materials
Suggestions are WELCOME!!!Suggestions are WELCOME!!!
2727
Questions?Questions?
Thank you!Thank you!
Kevin Quitmeyer
Chief, IRM
VA Denver Acquisition & Logistics Center (DALC)
VA OI&T Office of Enterprise Development – Resource Management IT
303-914-5160
Cynthia Bias
Director, Identity and Access Management
Acting VA E-Authentication Project Manager
VA OI&T Office of Enterprise Development – Resource Management IT
304-262-7097
http://www.va.gov/eauth
3131
New users must click New users must click ““RegisterRegister””
If you already have a Level 2 ORC credential you may access If you already have a Level 2 ORC credential you may access ROES by entering your User ID and Password at this time.ROES by entering your User ID and Password at this time.
3737
Registration form needs to be printed off, then signed and stamped by a Notary.
Most local banks and Post Offices have a Notary and are willing to sign free of cost.
Once signed the form needs to be mailed into ORC at:
ORC, Inc.
11250 Waples Mill Road
South Tower Suite 210
Fairfax, VA 22030
Once mailed users will receive a notification of credential level upgrade in their personal email in 3 to 7 business days.
3838
Once users receive their credential and login this is the first page they will see on the ROES site.
4040
Users will need to correlate their information with their ORC credential the first time they enter ROES.