Ingress Version 2 Launch Meeting and Demo
September 9, 2009
Agenda
Review of Ingress
Goals and objectives
General issues and opportunities
Ingress Version 2 Introduction
Why
What
When
v2 BETA demo
Other Issues; Open Q&A
Ingress -A Brief History
Original challenge -regional access to secure applications
County applications went live ~18 months ago
BARS
JILS
ANI
All required shared security model
Ingress Version 1 live in October 2007
Agency Registrars created users, granted access
Single sign-on for county applications
Result: Federated user administration model
Good/Bad Features of Ingress
Good
Single source for regional applications
Single sign-on for applications
Very strong security model
Resonable administration for >4,000 users from >45 agencies
Not so good (a.k.a. Bad)
Limited to three King County applications
Some difficulties with user management
Opportunities
LSJ-I portal project
Insufficient funding for KCPCA DIGS project
Ingress v2 Objectives
Expand on prior concepts
Single consolidated point of access to information
Integrated search capability (expanding JILS)
Further incorporation of information sources
Integrated and consolidated access to data across systems
Query tools to support searches across applications
Applicable inclusion of public realm information
Vision: A portal for criminal justice practitioners
Ingress Portal Model (example: iGoogle)
Ingress Model Basic Concepts
Continue to provide access to regional systems
Applications are primary source of data/information
Expand to support new systems (agency/ad hoc)
Provide information at user’ s request
User adds and removes information
User decides where the information is on screen
Allow customization to fit individual needs
Users can tailor to fit their operations
Users can tailor to fit their preferences
Timeline & Functionality Release
Phase 1 -Framework and Beta
Portal Framework
Standard Widgets
Bookmarks Widget
Application Launch Widget
External Application Widget
RSS Feed Widgets
Twitter Widgets
Phase II -Full Version 2
Advanced Widget Administration
Agency Alerts and Notifications
Unified Search
Sending Results
Saving Results
v2 BETA Demo
What’ s Next
Agency use of Beta
All agency users are loaded into Beta now
We are NOT reconciling logons between Ingress versions
Beta will improve over next two months
Addition and improvement of how applications are presented in widgets
Addition of new widgets
Looking for user feedback!!!
Future transition to v2
At this time, users may use EITHER v1 or v2 Beta
Recommend doing an agency training and conversion
When v2 goes live (dates TBD) we will work with agencies to reconcile user accounts
At that time, agencies will have 30 days to transition users
Q&A

EAuthentication
What is it?
What is needed for FFAVORS?
How do I obtain my ID?
What can go wrong?
Where can I get help?

EAuthentication
What is it?
Eauthentication is the single sign-on solution used by USDA for all websites that involve transactions. One login ID and password can be used for multiple USDA web sights. If you also access the Web Based Supply Chain Management System (WBSCM), you can use the same eAuth ID now for FFAVORS.

EAuthentication
What is needed for FFAVORS?
For non DLA staff, a level 1 eAuth ID is all that is needed. This will allow you to access the site and perform the tasks needed.
EAuthentication
How do I obtain my ID?
When DLA adds new users to FFAVORS, an automated e-mail will be sent to the user. The email will step the user through the registration process.

Current users can obtain their ID and password at this link
identitymanager.eems.usda.gov/registration/selfRegistrationForm.aspx?level=1

This is a four step process.

EAuthentication
Step 1: Level 1 Access Account Registration
Complete the information on the registration page

It is very important that the Last Name and the email address used here are exactly the same in FFAVORS.

User ID needs to be: 6 -20 Characters

Password is a challenge. It is required to be:
12 -24 characters
At least 1 upper case letter
At least 1 lower case letter
At least 1 number
At least 1 special character of
!#-$%*=+:;?~
No spaces
No Dictionary words
EAuthentication
Step 2: Level 1 Access Account Verification

Verify the information was entered correctly.

Use [Edit] to make changes

[Submit] will move to step 3
Eauthentication
Step 3: Print Confirmation email

You will receive an email from either eems.support@ocio.usda.gov or eAuthHelpDesk@ftc.usda.gov to print for your records and will outline the final step

If not received within a few hours:

Check other folders such as SPAM, JUNK

If not found: CALL 1-800-457-3642

Eauthentication
Activate Your USDA Account with Level 1 Access

Within the email, step 2 will allow you to Activate the ID through the link
òACTIVATE MY ACCOUNT’

Eauthentication
Step 4: Account Activation

Your ID is ready to be used!!!!
EAuthentication
What can go wrong?
Browser issues
User will see either the error message òServer Error in ò/Login’ Application’ or the login page will remain after clicking [Login]

FFAVORS requires Internet Explorer 7 or later.
If using Version 8 or 9, you need to run them in Compatibility mode

EAuthentication
Login Failed
Most likely one of two problems
Step 1: ID and password not correct
Use the òForgot your User ID’ to verify
Use òForgot your Password?’ to reset
If still issue, try step 2
Step 2: eAuth account issue
From Login page, click the òUpdate your Account;’ link
Try ID and password
If successful, need to contact eAuth Help desk and request they migrate your ID to the ID Minder system
If not, let your DLA account rep know so we can trouble shoot
Eauthentication
Login Failure òNo match of eAuth last name and email address was found in FFAVORS’

Verify what was used to create the eAuth ID and then Contact your FFAVORS account rep to verify or email paamagic@dla.mil?subject=FFAVORS Web the issue. Once both systems are brought in alignment, user will gain access.
EAuthentication
Where can I get help?
At the FFAVORS site (www.fns.usda.gov/fdd/ffavors.htm)
FFAVORS FAQs and Tips

DLA Help Desk (paamagic@dla.mil?subject=FFAVORS Web )

FNS Help Desk (FFAVORS@fns.usda.gov)

Eauth Help Desk: 1-800-457-3642

Introduction to CollabraLink Technologies
CollabraLink Technologies Corporate Overview
CollabraLink Core Competencies
CollabraLink Contract Vehicles and NAIC codes
CollabraLink Federal client base
CollabraLink’ s IRS Relevant Experience Areas (I of II)
CollabraLink’ s IRS Relevant Experience Areas (II of II)
CollabraLink and 2020 Company LLC Mentor Prot?©g?© Alliance
Why Choose CollabraLink?

Certificate of Need Online Application/Management System Joint Provider/Surveyor Training March 27, 2008
Michigan Department
of Community Health
Michigan CON Program Web Site: www.michigan.gov/con
MDCH Single Sign-on & CON e-Serve Online Application System Web Site: sso.state.mi.us
Certificate of Need Online Application Module Timelines
Letter of Intent module released January 2006

Nonsubstantive application, amendment and emergency CON modules released Spring 2007

Substantive application module tentatively scheduled for release in November 2007

Potential comparative application module still to be determined
Single Sign-on Main Page
Single Sign-on User Roles
CON E-Serve Main Page
Nonsubstantive Application
Features:
Application Components
Required forms
CON Review Standards
Required documents
Mark Complete
Responses to Standards
Application Submission
Fees and Other Required Documents
Must be submitted to be deemed received by the Department.
Unlocking
Amendment
Features:
Eligible Applications
Amendment Submission
Supporting Documents
Unlocking

Please note amendments can only be submitted by the original single sign-on user. For CONs prior to 2006, the author is defaulted to the Department. For any changes in author, contact Project Coordinator at (517) 241-3348.
Emergency CON
Features:
MCL 333.22235 Requirements
Emergency CON Submission
Supporting Documents
Affidavit must be submitted to be deemed received by the Department.
Unlocking
Helpful Hints
If a form is opened after being Marked Complete, the form must be Marked Complete again. Form status will change from Assigned to Complete .

All forms must be Marked Complete in order to submit application.

Once the application is submitted, it cannot be modified unless unlocked by the Department.

Substantive and Potential Comparative applications must be submitted on paper. Although links may be available for some of the required forms and standards for these application types, please do not enter data into the system but download the required forms.

Questions & Comments

Enterprise Identity Management -Leveraging Participation Management (PM) to Provide Single Sign-On for COD
Bridget-Anne Hampden | Nov. 2012
U.S. Department of Education
2012 Fall Conference
Contents
Current State
Objectives of the Enterprise Identity Management Service (EIMS) Project -Phases 1 and 2
Approach
EIMS Target State
Changes
Important Dates
Next Steps
Questions
Current State: User Feedback
We Heard You Loud and Clear:
Multiple log-ins for COD are frustrating and inefficient.

EIMS is a solution which allows a single user sign-on for COD and other FSA systems.

Current State
Objectives of EIMS Project Phases 1 and 2
Objective: To make registration and sign-on for users a more efficient process while still maintaining security for FSA systems by:
Simplifying access to FSA systems with single (reduced) sign-on
Creating a standardized solution supporting the entire user community and all business systems
Removing Personally Identifiable Information (PII), such as the current use of Social Security Numbers (SSN) and Date of Birth from log-in
Maintaining a consistent data security posture across all FSA systems

Approach
Step1: Placing all FSA systems behind a single authentication application (AIMS) e.g. National Student Loan Data System (NSLDS), eCampus-Based System (ECB), Central Processing System (CPS)
Step 2: Leverage PM system for COD enrollments to provide privileged users a single FSA ID for COD
Step 3: Create non-identifiable standard user IDs and passwords for students and borrowers to access FSA systems
Step 4: Move from physical (hard) tokens to the use of soft tokens
EIMS Target State
EIMS Target State
Changes: COD online access
Changes: PM
Changes: The Transition Period
During the transition period from the first week of March 2013 to the first week of May 2013:
Primary DPAs will need to enroll current COD online users in PM
Users will need to register in PM, if they do not have an FSA ID (john.doe.fsa)
During this period, new COD online users will need to be enrolled in both systems
After 1st week of May, Primary DPAs will only be able to use PM to enroll COD online users

Changes: Summary of Required Actions
Changes: Privacy and Security Improvements
FSA requires that all users accept their responsibilities regarding the use of FSA systems and information as is written in the Privacy Statement and the Rules of Behavior
In addition, FISMA requires that FSA track this information and provide audit information as requested
On a daily basis, users will be asked to accept both these statements when they first log-in to COD

Changes: Annual Security Training Notification
Users are required to complete an Annual Security Training
Provides an understanding of the security responsibilities associated with accessing FSA systems
Reminds users of their responsibilities to protect the information in FSA systems especially the PII data of the students, borrowers, and users
Specifies certain activities as not allowed, such as the sharing of FSA IDs
For the ten (10) days prior to expiration, users will be notified of the expiration of their security training when they log-in to COD
If the Annual Security Training is not complete, user will not be able to access COD

Changes: COD Enrollments and Log-in
Important Dates
February 2013
Initial information available on IFAP website
March 2013 -May 2013
Detailed instructions available on IFAP website
Primary Destination Point Administrators (DPA) enroll COD users in PM
COD users register and create a profile in PM to get a new FSA ID and Password
First Week of May 2013
Single (reduced) sign-on for COD goes live!
Next Steps for EIMS
Complete enhancements to PM
Send out communications through IFAP (Feb/March/May)
Implement new COD single (reduced) sign-on -COD Release 12.1, first week of May 2013
Begin work on removing PII for non-privileged users -Late Fall 2014
Perform feasibility testing with InCommon Federation
Provide ongoing progress information through IFAP
QUESTIONS?

Contact Info
Bridget-Anne Hampden
E-mail: bridget-anne.hampden@ed.gov
Phone: 202-377-3508