Goals for Enterprise Access Management (EAM)
HHSIdentity Enterprise and Access Management (EAM)
The EAM 1.0 project constitutes a major segment of the HHSIdentity Program, focusing on the development and deployment of the HHSIdentity Enterprise Access Management (Single Sign-On) system. The system will serve as both the User Mapping Repository and the Access Management solution for HHS and OPDIVs. The HHSIdentity EAM (Single Sign-On) system provides the authentication and Single Sign-On (SSO) backbone for the HHSIdentity program. Currently, HHS and the Program Support Center (PSC) are integrating two Enterprise Applications, Enterprise Human Resources and Payroll (EHRP) and the Enterprise Workflow Information Tracking System (EWITS), which will incorporate the HHSIdentity EAM (SSO) Solution.
General EAM Overview
The HHSIdentity EAM (SSO) is built on the Sun Access Manager product, with the Sun Directory Server offering back-end repository capabilities. These components provide SSO capabilities to the HHS user base, including authentication through either user name/password or PIV card, and help to improve the user experience when navigating between applications.
Key Benefits of the EAM System:
- Allows HHS to meet OMB criteria for using the PIV card for logical access, for the first time ever in HHS. HHS is one of the only agencies other than DoD to use a PIV card for logical access.
- Improves authentication security through a PIV-enabled central authentication service.
- Supports multi-factor authentication for elevated-privilege users using smart cards, soft certificates and other authentication types.
- Provides robust identity auditing and reporting capabilities and access control models to reduce the manual effort required to complete FISMA and SAS70 audits.
- Potentially reduces help desk costs by reducing the number of accounts and passwords a user must manage.
Benefits of EAM 1.0 / Customization to EHRP / EWITS
- EHRP and EWITS users use a single credential to access both applications.
- EHRP and EWITS administrators (elevated-privilege users) will use a PIV card to securely access PII.
- Help Desk staff will use a PIV card to securely access PII and administrative functions.
- Enables EWITS and EHRP to meet security requirements that cannot be met without EAM (i.e., separation of user and administrator accounts / privileges).
- Provides further process definition and documentation around the application administrators' “on-boarding” process.
Key Milestones
The EAM 1.0 System went live on March 9, 2009, providing two HHS Enterprise Applications, EHRP and EWITS, with Single Sign-On capabilities.