After several years of development, this month the General Services Administration formally published its plan to establish a decentralized identity management system that would enable secure single sign-on access for users of the government's online services.

Supporters consider the network crucial to the development of online services because it makes the user base easier to manage. As it stands now, every agency Web site requires visitors to register their user IDs and passwords to allow secure access to services.

Using a federated approach, the E-Authentication Service Component (ASC) will make it possible for one site to accept sign-on credentials registered at another site on the network.

If this catches on, potential users of government services — citizens, contractors, private businesses and other government entities — would be able to use one credential issued by a local government office or a financial institution to access any government service.

It's a big, positive step forward to solving the problem of identify management, said Bob Cook, executive chairman of Sigaba, a developer of secure messaging solutions.

The announcement doesn't necessarily break much new ground, he said, but knowing that they now have the ability to federate credentials should help move agencies forward.

"The next step will be for individual agencies to look at what is needed for this and then begin to work it into all of their secure communications," he said.

In the grand scheme of things, this is just one more step in the process, said Gerry Gebel, a senior analyst at the Burton Group, but it's a significant move. It's a public statement from GSA that, after running through a number of pilot tests to demonstrate and prove the concept of federated authentication, it does work, he said.

But he agreed with Cook that GSA's announcement alone isn't enough. "It's more than just having the technology ready," Gebel said. "Agencies still have to enable applications to take advantage of this new facility, they have to move forward on their side."

It's not only a matter of overcoming natural caution, however, because some fundamental questions are still unanswered. For example, although he was generally enthusiastic about GSA's notice and welcomed the many "good words" in the document, Brand Niemann, a computer scientist at the Environmental Protection Agency and a major proponent of Web services in government, thought it also raised questions.