Garry Compton Manager Government Authentication ANTA Workshop 05/08/03 Canberra, Australia An update on Commonwealth Authentication.

Slides:

Advertisements

Similar presentations

Integrating the NASP Practice Model Into Presentations: Resource Slides Referencing the NASP Practice Model in professional development presentations helps.

Advertisements

The Benefits and Challenges of Implementation of Basel II in Europe José María Roldán | 27 Sept 2005.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

Options appraisal, the business case & procurement

Lisanne Sison Director ERM Bickmore

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

IAEA International Atomic Energy Agency Responsibility for Radiation Safety Day 8 – Lecture 4.

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

A Snapshot of TEQSA Dr Carol Nicoll Chief Commissioner Festival of Learning and Teaching University of Adelaide Tuesday 6 November 2012.

Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.

Office of the Secretary of Defense – Comptroller Financial Improvement and Audit Readiness Directorate Unclassified 17 September 2014 GAO Revised “Green.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

COEN 351: E-Commerce Security Public Key Infrastructure Assessment and Accreditation.

National Address Management Framework Presentation to the SSI 17 September, 2008.

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.

Intra-ASEAN Secure Transactions Framework Project Progress Report

Australia’s Experience in Utilising Performance Information in Budget and Management Processes Mathew Fox Assistant Secretary, Budget Coordination Branch.

The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.

Information Technology Audit

National Smartcard Project Work Package 8 – Security Issues Report.

Proposed Whole of Government Direction for ICT Functional Leadership Workshop for monitoring departments 28 November 2013 John Roberts

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

A Common Immigration Policy for Europe Principles, actions and tools June 2008.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Benchmarking TVET systems Peter Holden Executive Director, International.

IT Risk Management, Planning and Mitigation TCOM 5253 / MSIS 4253

Internet Security for Small & Medium Business Week 6

National Infrastructure Tina Yule Technical Assurance Co-ordinator 21 st Century Government Unit.

Implementation of the Essential Standards The Australian Quality Framework (AQTF) is the national set of standards which assures nationally consistent,

PKI Forum Sydney 2000 Members Meeting Stephen Wilson Chair -- Certification Forum of Australia Director -- PricewaterhouseCoopers beTRUSTed PKI in Australia.

OECD/INFE Tools for evaluating financial education programmes Adele Atkinson, PhD Policy Analyst OECD With the support of the Russian/World Bank/OECD Trust.

1 IFRS in the Banking Sector A supervisor’s perspective REPARIS Workshop Marc Pickeur Vienna CBFA March 2006 Belgium.

The Draft SADC Annex on Trade in Services UNCTAD Secretariat Sub-regional Conference on Improving Industrial Performance and Promoting Employment in SADC.

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

John Grant Chief General Manager National Office for the Information Economy Canberra, Australia The Government OnLine Strategy.

© 2011 Underwriters Laboratories Inc. All rights reserved. This document may not be reproduced or distributed without authorization. ASSET Safety Management.

Annual seminar in Berlin – 27 th May Should EU corporate governance measures take into account the size of listed companies ? How ? Should a.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

ICT Action Plan Refresh

Prime Responsibility for Radiation Safety

E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.

1 of 27 How to invest in Information for Development An Introduction Introduction This question is the focus of our examination of the information management.

Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.

The privacy risks and rewards of distributed identity Conference Presentation (8 September 2003) Surveillance and Privacy 2003, University of New South.

Comments on the Report of the Gambling Review Commission 9 November 2011 By Pierre Coetzee Payments Association Of South Africa 1 Staying relevant, aligning.

Kathy Corbiere Service Delivery and Performance Commission

TEQSA The Tertiary Education Quality and Standards Agency.

1 The Privacy Impact Assessment Guidelines Guy Herriges Manager, Information and Privacy Office of the Corporate Chief Strategist, MBS November 2000.

Ombudsman Western Australia Serving Parliament – Serving Western Australians Evaluation in the Western Australian Ombudsman’s Office Kim Lazenby & Jane.

APEC Engineers Workshop Legal Considerations - Central Register Sept 2015 Angela Frawley, General Counsel.

The Points Based System Sponsorship Responsibilities Employer’s Obligations Cheryl Pellew.

eGovernment Forum Electronic Procurement - the Commonwealth Perspective Mary Gorman Government Interoperability Facilitation Team 19 March 2003.

The Workforce, Education Commissioning and Education and Learning Strategy Enabling world class healthcare services within the North West.

Prevention & Protection SAME ENDS DIFFERENT MEANS? THE FUTURE STRUCTURE AND PURPOSE OF CFOA’ s PREVENTION AND PROTECTION ACTIVITIES.

LRC Network Planning for Records Management improvement Kathryn Dan, GM University Records and Policy.

Australian National Audit Office Better Practice Guide: Implementation of Programme and Policy Initiatives Presentation to the Canberra PMI Chapter 7 March.

The technology behind the USPS EPM. AND COMPLIANCE March 25, 2004 Adam Hoffman.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.

Auditing Concepts.

IPv6 within the Australian Government

Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.

Gender statistics in Information and Communication Technology for Women’s Empowerment and Gender Equality Dorothy Okello, Annual.

GENDER STATISTICS IN INFORMATION AND COMMUNICATION

9/16/2018 The ACT Government’s commitment to Performance and Accountability – the role of Evaluation Presentation to the Canberra Evaluation Forum Thursday,

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

Strategic Environmental Assessment (SEA)

AERODROME CERTIFICATION COURSE

Presentation transcript:

Garry Compton Manager Government Authentication ANTA Workshop 05/08/03 Canberra, Australia An update on Commonwealth Authentication

NOIE's role and the Authentication Working Group NOIE provides secretariat services to the Authentication Working Group (AWG) that is currently undergoing a project to develop a framework for whole of government online authentication. This initiative is to create a trusted online environment and to support the delivery of commonwealth services to individuals and businesses. NOIE and the AWG support the Chief Information Officers Committee (CIOC) and Information Management Strategy Committee (IMSC) to achieve these goals.

The Information Management Strategy Committee, Chief Information Officers Committee and Working Groups IMSC created to provided shared leadership advice on multi- agency and whole of government information management strategies. Members of the IMSC are at the Secretary or CEO level and are drawn from agencies that have key central roles in delivering services online. CIOC was created to support the IMSC. The CIOC has established a number of working groups, including the AWG.

Authentication - what is it? To authenticate an assertion - to confirm / establish a degree of confidence that the assertion is valid or genuine. It is important to differentiate between when it is necessary to authenticate an assertion about identity and when it is adequate to authenticate assertions about data, an attribute or a value. Attribute authentication involves proving that a person has a certain attribute or qualification. Value authentication is based on whether a certain amount of money is available. It is important to only require the authentication of identity when this is necessary to the transaction.

Identity Fraud A whole-of-government study to be undertaken to enhance the identification and verification processes for government agencies and to identify other measures to combat identity fraud. Fraud estimated to cost $4 billion per year. The use of false or stolen identities provides a means of committing terrorist acts, fraud on government programs, people-smuggling and illegal immigration, and threats to electronic commerce. One of the aims of the study will be to test the feasibility of an on-line identity verification service to be available to Commonwealth, State and Territory agencies.

Three major policy objectives essential to providing a whole of government approach to online authentication are:  consistency of user experience;  matching authentication options to transaction types and  a fit for purpose approach to the application of technological solutions. A whole of government approach to authentication is necessary Individuals undertake very different authentication processes with different agencies in order to access government services. If standardisation occurred, it would be easier for citizens and businesses to access government services and people would be more inclined deal with government in an online environment. NOIE Policy Objectives

A Business Case For online authentication to be a success it is important that legislation and government policy is based on a sound business case rather than being purely driven by technology. More important than the technological ability to perform authentication online is the ability to provide a service that benefits both government and business. Businesses are provided with little to no incentive to interact with government online if it is a costly and time-consuming process.

The Role of PKI It is important to match authentication options to transaction types. There is a role for PKI and high assurance applications. ABN- DSCs will provide a medium for high assurance business to government and business to business transactions to take place. HIC and HESA have developed a sector wide digital certificate that is currently in use to protect this type of information and authenticate practitioners and practices. This type of fit-for-purpose approach ensures you have a trustworthy and functional whole-of-government authentication system.

The Galexia Consultancy Two consultancies have been commissioned by the Authentication Working Group to help them develop a business case for authentication and to create a trusted online environment. Galexia consulting produced the first report regarding the use and implementation of Australian Business Number Digital Signature Certificates (ABN-DSCs). The report found that further methods to promote the use of ABN-DSCs would be required, especially given the absence of PKI applications available in the market. Continuing concerns about the integration of digital certificates into business processes, legal liability and other risks associated with their use.

The Convergence e-Business Solutions Consultancy Convergence report  second report commissioned by the AWG  aims to produce a framework for whole of government authentication in Australia. The report details the issues around the authentication of assertions relevant to government. Some of the major issues include selecting the most appropriate authentication technique eg: PKI Privacy can be a major stumbling block for whole of government authentication because there is often a trade off between levels of identity authentication and privacy concerns.

Privacy Preventing the invasion of personal privacy is an important part of any authentication solution. Privacy legislation requires government agencies to only collect and hold personal information that is necessary. The e-authentication initiative requires a Privacy Impact Assessment (PIA) be conducted to evaluate the potential impact on personal privacy. The IMSC and CIOC are committed to addressing privacy issues. NOIE understands the importance of addressing privacy issues in the initial stages of project development.

Thank You Garry Compton, Manager, Government Authentication NOIE