E-GOVERNMENT : AUTHENTICATION OF IDENTITY By Hon Trevor Mallard Minister of State Services, State Services Commission, NZ Government, 16 April 2002. Available:

Slides:

Advertisements

Similar presentations

Thomas Myrup Kristensen EU Internet Policy Director Microsoft Corporation

Advertisements

The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.

Gregg McGilvray Chief Technical Strategist election.com.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.

BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date:

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Identity Management In A Federated Environment Identity Protection and Management Conference Presented by Samuel P. Jenkins, Director Defense Privacy and.

Agenda COBIT 5 Product Family Information Security COBIT 5 content

REPUBLIC OF ALBANIA PUBLIC PROCUREMENT AGENCY Introduction to the Albanian Public Procurement System Central Asia Regional Public Procurement.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

Respecting Privacy in Global Networks/ Guernsey, Wednesday 11 th April, Paula Ortiz López Spanish Data Protection Agency.

This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

UN Economic Commission for Europe 23rd UN/CEFACT FORUM 7-11 April rd UN/CEFACT FORUM – Geneva Tahseen A. Khan Project Proposal : Trusted Third Party.

A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality

National Smartcard Project Work Package 8 – Security Issues Report.

Regional Policy EXCHANGES OF INFORMATION BETWEEN THE M EMBER S TATE AND THE C OMMISSION (SFC2014) Fifth Meeting of the Expert Group on Delegated and Implementing.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

Information Systems Security for the Special Educator MGMT 636 – Information Systems Security.

Dao Dinh Kha National Centre of Digital Signature Authentication - Agency of Information Technology Application A vision on a national Electronic Authentication.

Österreich 2006 Austria 2006 Autriche 2006 Präsidentschaft der Europäischen Union Presidency of the European Union Présidence de L’Union européenne ★★★★★★

NAPHSIS REAL ID Overview June 6, 2007 In support of this key requirement,

BENCHMARKING DATABASES By Samy Kabangu Supervisor : Mr. John Ebden Computer Science Department Rhodes University.

State Services Commission Crown Copyright TC/DRM Standards & Guidelines What? Why? Archives New Zealand Recordkeeping Forum 5 March 2008.

Cloud Use Cases, Required Standards, and Roadmaps Excerpts From Cloud Computing Use Cases White Paper

CSCD 434 Network Security Spring 2014 Lecture 1 Course Overview.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

PRIVACY PRESERVING SOCIAL NETWORKING THROUGH DECENTRALIZATION AUTHORS: L.A. CUTILLO, REFIK MOLVA, THORSTEN STRUFE INSTRUCTOR DR. MOHAMMAD ASHIQUR RAHMAN.

Electronic identity management for eGovernment Conceptual framework and objectives Frank Robben General manager Crossroads Bank for Social Security Strategic.

CRM Prep Workshop Part 3 Records Systems, Storage and Retrieval.

Microsoft’s Commitment to Privacy Principles and practices concerning government access to enterprise customer data April 2,

E-RA E-Authentication Risk and Requirements Assessment Mark Liegey USDA/National Finance Center “Getting to Green with E-Authentication” February 3, 2004.

Essential Components: Acceptable Use Policy Presenter: John Mendes.

Design of Health Technologies lecture 22 John Canny 11/28/05.

consumerization of IT new social & app patterns cloud computing data explosion.

Ian Bailey Director Application Architecture Office of CIO, Province of BC A User Centric and Claims Based Architecture for British Columbia.

7 th FIM 4 R meeting April 2014 ESRIN Frascati.

Paperless Government and the Law John D. Gregory Ministry of the Attorney General June 5, 2009.

Access Controls Henry Parks SSAC 2012 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary.

Energize Your Workflow! ©2006 Merge eMed. All Rights Reserved User Group Meeting “Energize Your Workflow” May 7-9, Security.

1 PARCC Data Privacy & Security Policy December 2013.

DG Information Society The EU and Data Retention Data Retention Meeting London, 14 May 2003 Philippe GERARD, DG Information Society The positions.

Welcome Topic : Security.

Privacy and Data Protection III Annual Latin American Telecommunications, Technology, and Internet Public Policy Forum Geff Brown, Assistant General Counsel.

SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:

Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.

Case Study: Applying Authentication Technologies as Part of a HIPAA Compliance Strategy.

MyFloridaMarketPlace Quality Improvement Plan. Page 2 MFMP Quality Improvement Plan  The MFMP team has developed a quality improvement plan that addresses.

Interaction with Vendors that Support the PFMS: Experience of Kazakhstan Treasury Committee of the Ministry of Finance of the Republic of Kazakhstan, 2016.

Grid Deployment Technical Working Groups: Middleware selection AAA,security Resource scheduling Operations User Support GDB Grid Deployment Resource planning,

SEC 440 OUTLET The learning interface/sec440outletdotcom.

-1- WORKSHOP ON DATA PROTECTION AND DATA TRANSFERS TO THIRD COUNTRIES Technical and organizational security measures Skopje, 16 May - 17 May 2011 María.

Incorporating Privacy Into Systems Development Methodology Phil Moleski Director Corporate Information Technology Branch Saskatchewan Health

Clouding with Microsoft Azure

Chapter 4 – Requirements Engineering

GDPR Overview Gydeline – October 2017

Federated Identity Management for Scientific Collaborations

GDPR Overview Gydeline – October 2017

SEC 210 Become Exceptional/ newtonhelp.com. SEC 210 Assignment Emergency Planning And Risk Assessments For more course tutorials visit

BENCHMARKING DATABASES

CSCD 434 Network Security Spring 2012 Lecture 1 Course Overview.

Development of e-Government in Latvia

Model Contract for Health

HIPAA Security Standards Final Rule

Identity and Trust Management Platform in DICOM

CSCD 434 Network Security Spring 2019 Lecture 1 Course Overview.

Baseline Expectations for Trust in Federation

Session 1 – Introduction to Information Security

Presentation transcript:

E-GOVERNMENT : AUTHENTICATION OF IDENTITY By Hon Trevor Mallard Minister of State Services, State Services Commission, NZ Government, 16 April Available: 22.pdf, March pdf Presented by : Gopi Dinakaran

S U M M A R Y This paper presents the Policy Framework by considering several issues and risks for the implementation of secure Electronic Authentication for the E-Government services.

A P P R E C I A T I O N (1) Meticulously planned principles. Considered various issues such as Risks,feasibility,Cost,Public opinion, etc.

A P P R E C I A T I O N (2) Mentioning “Avoidance of VENDOR CAPTURE” in the Technology Neutrality which is one of the Implementations principles. What is VENDOR CAPTURE ? The process of forcing all the users to depend on any particular vendor’s products is called VENDOR CAPTURE.

How does “VENDOR CAPTURE” affect? For Example: Assume: The Government gives the contract of implementing the Electronic Authentication for all of its services to Microsoft, Microsoft develops authentication softwares which can work only on Microsoft OS. This leads to “VENDOR CAPTURE” and all of the users, agencies and the Government are forced to use Microsoft OS.

C R I T I C I S M (1) Author did not consider Cost Effectiveness on the user side for the implementation of the Electronic Authentication both in the Policy principles as well as Implementation Principles.

C R I T I C I S M (2) Acceptability Though the Author mentioned about the “Acceptability of the of the Authentication approach by the users”, the specific technique which would be used for any particular E-Government service might not be accepted by all the users.

P O L I C Y F R A M E W O R K Author’s view:  Acceptability -> users accept the approach.  Protection of Privacy -> protects privacy.  Fit for purpose -> satisfy the purpose.  Flexibility -> able to upgrade in future.

? Q U E S T I O N ? Assume: Fingerprinting is used as the authentication technique to get the access for IRD Services. Does this technique satisfy all the listed Policy framework principles?

THANK YOU !