Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: 020 8275 0102 Mobile: 07771 765789.

Published byGarett Tester Modified over 10 years ago

Similar presentations

Presentation on theme: "Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: 020 8275 0102 Mobile: 07771 765789."— Presentation transcript:

1 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: 020 8275 0102 Mobile: 07771 765789 stephen.upton@btconnect.com

2 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Digital Certificates or Electronic Identities? tScheme v ‘tScheme2’ tScheme v ‘tScheme2’ CP/CPS-defined service approval v Security Level (0,1,2,3) risk assurance CP/CPS-defined service approval v Security Level (0,1,2,3) risk assurance Registration (RA) policy statements v ‘real-world identity’ validation/verification Registration (RA) policy statements v ‘real-world identity’ validation/verification Industry-led CA service co-regulation v e-Government service targets Industry-led CA service co-regulation v e-Government service targets

3 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group HMG Minimum Standards [HMGVInd] Service-defined security levels (0,1,2,3) Service-defined security levels (0,1,2,3) Face-to-face or remote Registration Face-to-face or remote Registration Types of evidence & number of items Types of evidence & number of items personal statement personal statement unique details for cross-checking unique details for cross-checking documentary evidence documentary evidence attributed ID and biographic ID attributed ID and biographic ID third party corroboration third party corroboration professional or commercial referees professional or commercial referees existing relationship existing relationship length x frequency of recorded interaction length x frequency of recorded interaction

4 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Personal Identity challenges From Home Office ID Fraud report: Identity authentication = validation + verification Identity authentication = validation + verification Attributed identity [risks of document theft, forgery] Attributed identity [risks of document theft, forgery] Biographic identity [risks appear lower e.g. covert operations] Biographic identity [risks appear lower e.g. covert operations] Biometric identity [risks of untried scale, unreliable results] Biometric identity [risks of untried scale, unreliable results] at the Point of Issue – verifying a ‘real-world’ identity at the Point of Use – authenticating an ‘electronic’ identity

5 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group The evolving role of HMG Passive/Supportive - tScheme Passive/Supportive - tScheme Enabling – Gateway & Intermediaries Enabling – Gateway & Intermediaries Active/Controlling – ID Cards, Benefits ‘push’ Active/Controlling – ID Cards, Benefits ‘push’ - perceived dependencies: Trust Trust Accuracy Accuracy Accessibility Accessibility Privacy Privacy Scrutiny Scrutiny

6 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Ongoing issues & trends Service intermediaries → ‘Data Brokers’ Service intermediaries → ‘Data Brokers’ tScheme Approval → PI ‘Kite Mark’ tScheme Approval → PI ‘Kite Mark’ RIPA → consent-enabled ‘Data Sharing’ RIPA → consent-enabled ‘Data Sharing’ Independent assurance → regulatory control Independent assurance → regulatory control Online security → offline privacy Online security → offline privacy Federated identity → consolidated identity Federated identity → consolidated identity Shared secrets → ‘joined-up’ secrets Shared secrets → ‘joined-up’ secrets Risk control → defensive intrusion Risk control → defensive intrusion

7 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group The challenges remain: Registration security Registration security Data protection Data protection Objective, transparent, proportionate and non-discriminatory regulation Objective, transparent, proportionate and non-discriminatory regulation Risk-based assessment Risk-based assessment Independent assurance Independent assurance

8 Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Conclusions? Travelling hopefully Travelling hopefully Reviewing the road map Reviewing the road map Changing drivers Changing drivers e-commerce e-commerce e-government e-government entitlement/identity entitlement/identity Standards & assessment [ What? How? Who?] Standards & assessment [ What? How? Who?] Arriving [ When? Where? Why?] Arriving [ When? Where? Why?]

Download ppt "Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: 020 8275 0102 Mobile: 07771 765789."

Similar presentations

CONFIDENTIAL 1 Preparing for & Maintaining PCI Compliance.

CONFIDENTIAL 1 Preparing for & Maintaining PCI Compliance.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
© Fujitsu Services 2004 EURIM PI Data Sharing sub- group 13 January 2005 EURIM PI Group Data sharing in practice A Fujitsu Perspective John Newton Account.

© Fujitsu Services 2004 EURIM PI Data Sharing sub- group 13 January 2005 EURIM PI Group Data sharing in practice A Fujitsu Perspective John Newton Account.
EURIM Personal Identity Group Data Sharing Model for Public Services 13 th January 2005 Jim Lound © Experian Ltd 2005.

EURIM Personal Identity Group Data Sharing Model for Public Services 13 th January 2005 Jim Lound © Experian Ltd 2005.
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Functional component terminology - thoughts C. Tilton.

Functional component terminology - thoughts C. Tilton.
Department of Labor HSPD-12

Department of Labor HSPD-12
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,
Creating a Winning E-Business Second Edition

Creating a Winning E-Business Second Edition
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.

Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.
Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.

Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.
Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.

Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.
Intra-ASEAN Secure Transactions Framework Project Progress Report

Intra-ASEAN Secure Transactions Framework Project Progress Report

Similar presentations

Ads by Google