Presented at the European e-Identity Management Conference 2011 in Tallinn, Estonia:
Reflections on current Government approaches to Trust, federation and identity management. What needs to change as we move forward. We have come a long way with PKI, federation standards, trust frameworks, etc. but are we there yet? Where is there still work to be done and mindsets to be changed?
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Mature Digital Trust Infrastructure - Are we there yet?
1. Mature Digital Trust Infrastructure Are we there yet? Søren Peter Nielsen, Chief IT Architect Danish National IT and Telecom Agency presented June 9th at European e-Identity Management Conference 2011 Tallinn, Estonia
4. Web SSO Model 1 4 5 6 3 Identity Provider “ Circle of Trust” Service Provider Authentication Authority Attribute Authority 7 2
5. Federation Building Blocks Business & Operating Rules Operational Infrastructure Service Providers/ Identity Providers Policy Technical Standards Auditing / Accreditation
6. Authentication Assurance Levels Factor Token Very High High Medium Low Employee Screening for a High Risk Job Obtaining Govt. Benefits Applying for a Loan Online Access to Protected Website PIN/User ID - Knowledge Strong Password - Based PKI/ Digital Signature Multi - Increased $ Cost Increased Need for Identity Assurance
7.
8. EU eGov Benchmark 2010 Fundamental IT enablers Key Horizontal Enablers
14. But the approach to Identity and Access management is still rooted in industrial age thinking Architecture and mindsets are locked into the identification-oriented paradigm
15.
16.
17. Validation-oriented paradigm (i.e. the user can prove that he represents a pseudonym via a secret key). Instead of all applications identifying the users and coupling local data to the identity (e.g. SSN), data is coupled to virtual identities (pseudonyms), which are subject to validation