Creating a European Identity Management Architecture for eGovernment: GUIDE, Keiron Salt



What is GUIDE?
GUIDE (Government User Identity for Europe) is a European Union funded research project conducting research and technological development with the aim of creating a technological, institutional, policy and socio-economic architecture for secure and interoperable e-government electronic identity services and transactions for Europe.

Road of GUIDE and EU
- 2004: Lisbon Agenda
- 2006: Manchester ‘2010 Declaration’
- Encourage Free Movement of Citizens, Capital and Services across the EU to encourage the Internal Market
- Pan-European Identity Interoperability

GUIDE Architecture Summary
Objective:
- Creating an open architecture for Pan-European e-government electronic identity interoperability
- To enable Member States to agree on the identity of an entity (for example a citizen or a business)
- In order to enable eGovernment sectoral applications to conduct cross-border transactions with respect to that entity
The GUIDE architecture aligns with, leverages, and exploits both of:
- The IDABC European Interoperability Framework (EIF) architecture
- Emerging International Standards for Federated Identity Management

The Motivation ‘View’ - What are the Business Problems we’re trying to solve? - Getting the Scope right.
Is About:
- Identity data interoperability
- Authentication
- Cross border services
- Standards adoption
- Standards specification
Is Not About:
- Storing Identity data within GUIDE
- Application data interoperability
- Authorisation
- Internal MS services
- Re-inventing
- Implementation
Guide delivers identity interoperability across the Member States of the EU. Guide is not an end in itself, but a key enabler for Application interoperability to enable the Lisbon Initiatives which deliver the real benefits. Guide aims to enable uninhibited movement and seamless government engagement for citizens & businesses across the EU.

Guide positioning with other EU Initiatives
- IDABC – Generic middleware, Network
- Guide – Identity Interoperability
- eID – Smart card standards, & Issue
- Prime – Privacy Enhancement
- PKI – Certificate Management
Diagram labels: SchengenEBReTEN20 eGOV Apps Applications Front-End Enrolment, etc Back-End Interoperability IDABC Architecture alignment

Guide & EIF / IDABC Synergy IDABC PEGS Architecture – CGEY

GUIDE Topology
Diagram labels: MS1 Cross Domain MS3 Cross Domain MS2 Provider Hub MS4 Provider Hub MS5 Provider Hub Application Service Provider Sub-national Identity Provider Hub National Identity Provider Hub EU Identity Federation National Identity Federation EU Identity Provider Hub Identity Provider Hub

Subsidiarity v Standardisation
- FIM Standard Models expect all actors to fall under the same model
- GUIDE acknowledges that MS can utilise different FIM models
- Guide FIM Gateways must act as Proxies for the Real actors
Diagram labels: Identity Provider, Service Consumer, Service Provider (UNIFORM FIM MODEL); Guide GW; Identity Provider LIBERTY, Service Consumer SHIBBOLETH, Service Provider WS-FEDERATION; Uniform FIM

Pan EU Citizen Authentication Scenarios
- Citizen present, and logging on to foreign system as a user (SSO)
- Citizen present, but user is a foreign Civil Servant
- Citizen not present, administrative trigger – e.g. receipt of E101 form
Diagram labels: Member State 1; Member State 2; Applications; Identity Providers; Access Channels; Citizen from Member State 1; Civil Servant; GUIDE gateway; SAML & Liberty Alliance Profiles

GUIDE Software Agent - Logical Component Architecture
Diagram labels: GUIDE Request Handler GUIDE SAML Profile Interface Transformation Services GUIDE Interaction Service GUIDE Discovery Service GUIDE Liberty Profile Interface Transformation Services GUIDE Software Agent Member State Interface GUIDE SAML Interface GUIDE Liberty Interface

Main GUIDE Core Services
Diagram labels: Logical Process Flow Identification Authentication Assertions Attribute Provision Interaction Discovery Identity Requests Transformation Services Infrastructure Services Trust Services Security, Assurance, Privacy Redirection Consent Usage Directives Update Lookup

Service Profiles & Protocol Bindings
Diagram labels: Guide Abstract Service Model http IDABC eLink Binding? Liberty ID-WSF V2.0 Authentication Mechanism Authentication Realm Authentication Context Guide Profile of Liberty Specs Guide Mechanisms Guide Realms Guide Assurance Levels SAML v2.0 Shibboleth WS-Federation SOAP

Guide Liberty Profile for Discovery
urn:liberty: id-sis-pp:
urn:liberty:id-sis-pp:home
urn:liberty:id-sis-pp:informalName
urn:GUIDE:Realm:SocialSecurity
urn:GUIDE:Assurance:2
not used
Diagram labels: Naming standards Profiling

Guide SAML Profile for Identification
<AttributeQuery ID="AjCUk2lleGVzft1456kRp51oFvJ5k" Version="2.0" IssueInstant=" T17:42:04Z" Destination=" xmlns="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs=" xmlns:xsi=" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:2.0:assertion >
John Doe
<!-- omitted: methods for specifying desired attribute formats this should be provided by D >
Chinese GB
<!--... digital signature -->
Diagram labels: Naming standards Profiling
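The checks a receiving gateway could run on the AttributeQuery fields shown on this slide (Version, IssueInstant, Destination, issuer, signature, requested attributes), as an added example that is not part of the original presentation or of the GUIDE project's code. The endpoint URLs, issuer, attribute name and the set of checks are assumptions; the sample message is constructed, and only the presence of a signature is tested, not its validity.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

P = "urn:oasis:names:tc:SAML:2.0:protocol"
A = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample: issuer, destination and attribute name are placeholders.
SAMPLE = f"""<samlp:AttributeQuery xmlns:samlp="{P}" xmlns:saml="{A}"
    ID="_constructed-id-1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z"
    Destination="https://gateway.ms2.example/saml/query">
  <saml:Issuer>https://gateway.ms1.example</saml:Issuer>
  <ds:Signature xmlns:ds="{DS}"/>
  <saml:Subject><saml:NameID>John Doe</saml:NameID></saml:Subject>
  <saml:Attribute Name="urn:example:attr:nationality"/>
</samlp:AttributeQuery>"""

def check_attribute_query(xml_text, my_endpoint, trusted_issuers, allowed_attrs,
                          now, max_skew=timedelta(minutes=5)):
    """Return rejection reasons; an empty list means the query may be processed."""
    # Refuse DTDs outright so entity-expansion payloads never reach the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declaration present"]
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{P}}}AttributeQuery":
        return ["root element is not samlp:AttributeQuery"]
    errors = []
    if root.get("Version") != "2.0":
        errors.append("Version is not 2.0")
    if root.get("Destination") != my_endpoint:
        errors.append("Destination does not match this endpoint")
    try:
        issued = datetime.strptime(root.get("IssueInstant", ""),
                                   "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if abs(now - issued) > max_skew:
            errors.append("IssueInstant outside allowed clock skew")
    except ValueError:
        errors.append("IssueInstant missing or malformed")
    if (root.findtext(f"{{{A}}}Issuer") or "").strip() not in trusted_issuers:
        errors.append("Issuer is not a trusted gateway")
    # Presence only: the signature must still be verified with an XML-DSig library.
    if root.find(f"{{{DS}}}Signature") is None:
        errors.append("no ds:Signature element")
    if root.find(f"{{{A}}}Subject/{{{A}}}NameID") is None:
        errors.append("no Subject/NameID")
    names = [a.get("Name") for a in root.findall(f"{{{A}}}Attribute")]
    errors += [f"attribute not allowed: {n}" for n in names if n not in allowed_attrs]
    return errors
```
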

Guide & EIF / IDABC Synergy IDABC PEGS Architecture – CGEY

Guide Trust Model
Diagram labels: Trust Model Security Model Assurance Model Governance Policy Accreditation Liability Technical Domain Policy Domain Privacy Model