NIST readies security, workflow pilot

The Commerce Department's National Institute of Standards and Technology

is getting ready to kick off a 100-seat pilot to test security and electronic

workflow applications.

The E-Approval pilot participants, who are scattered throughout NIST, will

begin using public-key infrastructure and digital signatures, electronic

forms and workflow applications for "real work" within the next few weeks,

said Bruce Rosen, associate director for CIO projects in NIST's Information

Technology Lab. A final training class was held last week.

Using technology from Entrust Technologies Inc., NIST employees will be

able to digitally sign and encrypt e-mail and electronic forms. But the

pilot is more than just PKI, Rosen said. "It is actually part of a larger

effort to do electronic workflow and include the ability to sign things

within workflow using PKI," he said.

NIST plans to start out slowly, Rosen said, and test only a few forms and

their associated workflow processes. Some forms, such as an internal work

order to get a new key made, require few signatures. But other forms, such

as a form used to initiate a procurement, must go through a more complex

approval process that involves more people.

In some cases, the business process will change. "Using these electronic

workflows can emulate the current method of processing paper or can change

it," Rosen said.

NIST contracted with integrator Matcom to put the pilot in place. It is

using products from HandySoft Corp. called BizFlow and BizForms to enable

the electronic workflow and electronic forms applications.

If the pilot proves successful, it will be rolled out to the rest of NIST,

Rosen said.