Presentation is loading. Please wait.

Presentation is loading. Please wait.

NHS Identity Authentication fit for modern health and social care

Published byMaurice Melton Modified over 5 years ago

Similar presentations

Presentation on theme: "NHS Identity Authentication fit for modern health and social care"— Presentation transcript:

1 NHS Identity Authentication fit for modern health and social care
Presented by Neil Birch Implementation Manager

2 NHS Identity – Overview
What is NHS Identity? NHS Identity is a new Identity Management Service for NHS Staff Digital Identities Will replace the current Care Identity Service (CIS) Expected to run in parallel with CIS for months Why do we need it? Current system is now 15 years old Not easily scalable to future needs Ongoing hosting and support cost Access is limited to Smartcards on a Windows device over a N3/HSCN connection

3 NHS Identity - Why are we embarking on this?
A highly assured, secure, trusted national care worker digital identity Supports different levels of identity assurance/authentication (IAL/AAL) Enable Single Sign-on for seamless access into 3rd party Managed National Services e.g. NHS Mail, ESR Simplify & Speed up the Logon experience Support profile switching on supported devices Enable Mobile Working - access anywhere, from any device, any platform, any browser National Digital Signature service that conforms to e-IDAS rules An alternative to Smartcards – provides local choice on how care-workers are authenticated Simplified Registration process with self-registration options Meets the Matt Hancock vision for digital services

4 NHS Identity / CIS – Quick Comparison
The Care Identity Service Single route into Spine Requires Smartcard Requires N3/HSCN network Only runs on Windows Requires Identity Agent and middleware installed on all Clients 3 New national services will be built: National Care Worker IDP – Will provide logon services at various levels depending on the organisation scenarios requirements. Initially Smartcard, OTP and Push Notification on service go live followed by FIDO based biometric support. Platform agnostic (e.g. ChromeOS) National Access Gateway – Will protect national API’s and services referencing a granular rules and policies set National Federation Service – Will allow the national signon to be used to access 3rd party national services such as NHSMail, O365 and ESR.

5 NHS Identity / CIS – Quick Comparison
Available over the internet No need for N3/HSCN Available from device, any platform, any browser Does not require Identity Agent 3 New national services will be built: National Care Worker IDP – Will provide logon services at various levels depending on the organisation scenarios requirements. Initially Smartcard, OTP and Push Notification on service go live followed by FIDO based biometric support. Platform agnostic (e.g. ChromeOS) National Access Gateway – Will protect national API’s and services referencing a granular rules and policies set National Federation Service – Will allow the national signon to be used to access 3rd party national services such as NHSMail, O365 and ESR.

6 NHS Identity – Some of the Tech Speak
OpenID Connect (Authentication) OAUTH2 (Authorisation) FIDO2 (Device Registration) Federation (SSO) Identity Assurance Levels (IALs 1-3) Authenticator Assurance Levels (AALs 1-3) Scopes and Claims

7 NHS Identity – supported devices

8 Definitions of Assurance/Authentication
NHS Identity supports 3 levels of authentication – level 3 required for clinical data Based on Cabinet Office Good Practice Guides (43, 44, 45) will replace (e-Gif Level 3) Advice from UK National Cyber Security Centre and US National Institute of Systems & Technology

9 NHS Identity – Roadmap 2018/19
First Service live on NHS Identity – Q1 (2018) Platform builds/upgrades (inc Sandpit) – Q4 (2018) Mobile access to Summary Care (SCRA) – Q1 OIDC for Smartcards – Q2 AAL1/AAL2 generic solution – Q3 FIDO2 registration of devices – Q4 DLP to platinum service – Q4 NRL phase 2 Federated Identity (SSO) Digital Signing

10 NHS Identity - Long Term Roadmap Themes
Simplifies Process Increases Security Benefits Saves Time Simplifies Process Increases Security Benefits NHS Identity - Long Term Roadmap Themes Increases Security Single trusted digital identity signature Saves time Increases Security Saves Money Benefits Benefits Saves time Simplifies Process Increases Security Benefits IOT Management Single trusted digital identity Saves time Simplify Logon Increases Security Enables Mobility Benefits AI Continual Risk Analytics User & Role Management Remote Signature Simple Registration Next Gen Access Control 2017/2018 2019/2020 2019/2020 2019/2020 2020/2021 2020/2021

11 NHS Identity – interested?
For Further details: Overview Vision Roadmap Onboarding Training Guides Sandpit access General Enquiries:

12 Finally – a world without Passwords!

13

Download ppt "NHS Identity Authentication fit for modern health and social care"

Similar presentations

Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 

Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
Copyright JNT Association 20051Optional www.ukfederation.org.uk Copyright JNT Association 2007 1 Joining the UK Access Management Federation 4th April.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.

Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
Scenario covered in this presentation Separate credential from on- premises credential Authentication occurs via cloud directory service Does not.

Scenario covered in this presentation Separate credential from on- premises credential Authentication occurs via cloud directory service Does not.
RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.
UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.

UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.
Climate Sciences: Use Case and Vision Summary Philip Kershaw CEDA, RAL Space, STFC.

Climate Sciences: Use Case and Vision Summary Philip Kershaw CEDA, RAL Space, STFC.
The Internet Identity Layer OpenID Connect Update for HIT Standards Committee’s Privacy and Security Workgroup Wednesday, March 12th from 10:00-2:45 PM.

The Internet Identity Layer OpenID Connect Update for HIT Standards Committee’s Privacy and Security Workgroup Wednesday, March 12th from 10:00-2:45 PM.
DigitalPersona, Inc. Biometric Authentication for Digital Authentication Presented by: Brian Farley, Western Sales Regional Manager DigitalPersona.

DigitalPersona, Inc. Biometric Authentication for Digital Authentication Presented by: Brian Farley, Western Sales Regional Manager DigitalPersona.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Microsoft ® Official Course Module 13 Implementing Windows Azure Active Directory.

Microsoft ® Official Course Module 13 Implementing Windows Azure Active Directory.

Similar presentations

Ads by Google