Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Experiments

This section of IDManagement.gov is dedicated to ongoing experiments and research initiated by the GSA Office of Government-wide Policy, Identity Assurance and Trusted Access Division, other agencies, industry and academia partners.

Please reach out to icam@gsa.gov with ideas, questions, and collaboration opportunities for us to consider.

IARPA HIATUS

The HIATUS - Human Interpretable Attribution of Text using Underlying Structure program aims to address various Intelligence Community (IC) and Law Enforcement (LE) needs such as combating sophisticated malicious information campaigns online, addressing counterintelligence risks, and fighting human trafficking and online fraud. It does so by developing novel Artificial Intelligence (AI) systems for attributing document authorship (Who is the author of this text?) in an explainable way (What is the evidence of authorship?), detecting AI-generated text (Was this document written by human or machine?) and protecting author privacy (How do I ensure that my writing is not attributable?).

HIATUS program artifacts such as trainable Dockerized text author attribution/privatization systems, auxiliary data processing and annotation scripts, and datasets are available at no cost to USG agencies and their contractors. Since the program kick-off in 2022, IARPA has successfully transitioned some of these artifacts to several Government agencies.

If your mission relies on determining authorship of text, text privatization or detection of machine-generated text content, please reach out to dni-iarpa-hiatus@iarpa.gov to discuss transition of HIATUS technology. The program is also interested in learning about new use cases.

To learn more about the IARPA HIATUS program and how it works, click the button below.

CDN Paper 1

Content Delivery Networks (CDNs) are integral to modern web infrastructure, offering improved performance, scalability, and security. However, they are often assumed to be infallible, which can cause people to overlook the potential vulnerabilities that cyber actors can exploit to access individual digital profiles, credentials, and sensitive information. In this paper, we examine these assumptions and associated risks.

Read the CDN Paper 1

CDN Paper 2

Content Delivery Networks (CDNs) are critical to ensuring fast and reliable web services. However, their ubiquity and central role in web infrastructure make them attractive targets for attackers. This paper provides a detailed analysis of attack methods, including supply chain attacks, cache poisoning, and DNS spoofing, which can exploit CDNs to spread malicious scripts and compromise digital personas.

Read the CDN Paper 2

Personal Security and Identity Management

Many people inadvertently create a false sense of security, mistaking the feeling of safety for actual security. To truly protect yourself and your loved ones, it’s vital to explore the distinction between feeling secure and being secure. While feeling secure is comforting, genuine security is what ultimately matters. Security can seem overwhelming, but the PDD™ framework simplifies it by providing an organized approach to assess and enhance your security strategy.

Read the Personal Security and Identity Management Paper

Public Identity Best Practice Guide

The federal government has identity proofing guidelines established by the National Institute of Standards and Technology, but these guidelines are not uniformly followed—particularly when ensuring linkage between a claimed identity and the person presenting the evidence. The practice of adhering to these guidelines must become standard across the federal landscape when citizens access federal services online.

Read the Public Identity Best Practice Guide

Public Identity and Access Management Service Guide

This practical guide is to assist federal agencies as they start to or further expand the use of Public Identity and Access Management (PIAM) services to provide citizen access to agencies’ services. Public identities are digital identities or accounts owned and managed by the agency, including US citizens, federal employees and contractors, service providers that assist US citizens and state and local affiliates.

Read the Public Identity Access Management Service Guide

Public Identity and Access Management Framework Guide

The PIAM framework encompasses the technologies, processes, and policies required to regulate and authorize individual access to resources. By implementing robust identity and access management, agencies can ensure that individuals access only authorized assets. This framework is thus instrumental in safeguarding agency assets from both internal and external threats, enforcing security protocols, and adhering to security guidelines and best practices.

Read the Public Identity Access Management Framework Guide

Public Identity and Access Management Process Guide

In today’s complex business landscape, successful public citizen onboarding is essential for building strong relationships and driving positive public user experience. In this guide, learn how Persona-based access control uses user “personas” (archetypes or roles) is used to define access permissions, streamlining security management and ensuring users only have access to what they need.

Read the Public Identity Access Management Framework Guide

Coming Soon

We are continuously adding new content to the Experiments section, the following is a list of whats next.

  • Post Quantum Crypto(PQC) and Post Quantum Encryption(PQE) for logical and Physical Access
  • Mobile PIV

IDManagement.gov

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov

This site is a collaboration between GSA and the Federal CIO Council. It is managed by the Identity Assurance and Trusted Access Division in the GSA Office of Government-wide Policy.

Edit this page