| Home | Key
Personnel | Federation
Applications | Federation Links | Newsroom | Privacy & Security | Contact Us | Site Map |
 |
 |
Today's
Date is:
|
|
|
Electronic Risk and Requirements Assessment (e-RA) Background OMB M-04-04 Authentication Guidance requires risk assessments be completed for federal government applications that will be deployed using electronic authentication. To help agencies meet that need, the E-Authentication Initiative teamed with the Software Engineering Institute (SEI) at Carnegie Mellon University to develop a risk-based approach to authentication requirements, called the Electronic Risk and Requirements Assessment, or e-RA. This approach identifies the Risks associated with insufficient authentication of users, and it forms the basis for the definition of authentication requirements. The e-RA Tool The e-RA tool, available on this website, can be used to assess authentication risks of an online application. Click on the appropriate link below to download the version of the e-RA tool that will work for you. In response to feedback from e-RA users and the E-Authentication Program Management Office, the e-RA tool has been improved. The current database version is 1.5.2 (January 2009). The new version provides the following enhancements:
Please refer to the E-Authentication e-RA Tool Activity Guide before using the e-RA tool; particularly Section 2.2, page 4. Examples given are for illustrative purposes only. Use information appropriate for your application and agency policies. Important Note: When downloading the e-RA tool and opening the application, you may receive Security Warnings. These warnings may be ignored (click "open" to ignore the warning and begin using the tool). Download the Tool
Page Last Updated: 25-March-2009 |
|
|
|
|