Presentation is loading. Please wait.

Presentation is loading. Please wait.

1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Scotland Modernising Government, Efficient Governement Conference 29.

Published byCornelius Alexander Modified over 9 years ago

Similar presentations

Presentation on theme: "1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Scotland Modernising Government, Efficient Governement Conference 29."— Presentation transcript:

1

2 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Scotland Modernising Government, Efficient Governement Conference 29 th October 2004

3 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Supplier Workshop 2 Authentication & Managing Identities

4 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Authentication & Managing Identities Introduction A Practical Example Panel Session

5 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Introduction Neil Boyd Business Development Manager SBL Scotland

6 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Introduction Neil Boyd Business Development Manager SBL Scotland Edinburgh

7 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Introduction Software Licensing Security Specialist Information Assurance Public Sector –MOD –Police –Local Government –Central Government –NHS GCat Prime Contractor DIPCOG/GIPSI/CIPCOG SIAF

8 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Introduction Definitions Setting the scene Concepts

9 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Introduction “Gaining and maintaining the confidence and trust of individuals, businesses and other organisations will be one of the key success factors for the provision of e.Government services.” “Registration and Authentication are two necessary activities for gaining and maintaining trust” Registration and Authorisation E-Government Startegy and Framework Policy and Guidelines Office of E-Envoy

10 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Registration “The process by which a user gains a credential such as a username or digital ceritificate for subsequent authentication”. Registration and Authorisation E-Government Startegy and Framework Policy and Guidelines Office of E-Envoy

11 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Authentication “The process that an electronic identity of a user is asserted to, and validated by, an information system for a specific occasion using a credential issued following a registration process. It may also involve establishing that the user is the true holder of that credential, by means of a password or biometric.” Registration and Authorisation E-Government Startegy and Framework Policy and Guidelines Office of E-Envoy

12 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Identity Changes Through Time People are born People are married People die People move house People move into the area People change their identities

13 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Identity Changes Through time People are born People are married People die People move house People move into the area People change their identities G8

14 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Identity Something owned Something known Some personal (biometric) characteristic

15 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Identity Name Address Mothers Maiden Name Address Appearance NI Number NHS Number Passport Driving Licence Birth and marriage Certificate Bank Statement Utility Bill Benefits/Tax documents Payslips Educational Qulaifications

16 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Identity Name Address Mothers Maiden Name Address Appearance NI Number NHS Number/Birth Registration Number Passport Driving Licence Birth and marriage Certificate Bank Statement Utility Bill Benefits/Tax documents Payslips Educational Qulaifications

17 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Authentication Password/PIN Smartcards Tokens Door Entry Systems [**********]

18 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Authentication Chip implants –O–Obtained US approval this month –Q–Quickly access patients medical records –S–Shares in Applied Digital Solutions jumped 68% on the news

19 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk “The Four A’s” Authenticate Authorise Administer Audit

20 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Why Authenticate ? Security Establishing the right to a service Registering for that service

21 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Why Authorise ? Security To control access to applications and services To control citizen access levels

22 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Administration Security Registration Self registration Self service Empowering the citizen Efficiency/Cost reduction

23 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Audit Security Accountability Recoverability Anti-Fraud

24 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Audit Security Accountability Recoverability Anti-Fraud ComplianceCompliance

25 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Compliance Control –Controls affecting internal people – Controls affecting external people The citizen People in other organisations or departments –“Federated Access Systems” Automatic enforcement of controls –Controls affecting applications –Web Services Management Enforcing controls between applications –Corporate Applications –Inter-company applications

26 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Compliance "Identity and access management related issues are among the weaknesses often cited by companies needing to accurately audit and document interactions with sensitive resources." "Whether it's Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, or other security or privacy regulations, customers need a complete identity management solution that can provide control and visibility into the activities of employees, customers, partners, and any other users of corporate applications across multiple systems and domains." Roberta J. Witty Research Vice President Gartner, Inc.

27 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk IdM in Action A Practical Example Birmingham City Council Keith Hickson, Manager, PwC

28 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Solaris Domino Tarantella. Web Identity ManagementApplications Identity Management Overview Foster Carers Users User Admins People’s Network Birmingham City Council Extension to People’s Network Foster Carers Secure Pages

29 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk User Management Services Personal information profile Administration Centralised Delegated User Self Service Group Management Object Management Workflow What is User Management? User Management is the term used to describe technologies that enable the management of large numbers of users, typically in the millions. Provisioning is also a term used to describe this space.

30 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Authentication What is Authentication? Authentication mechanisms are tools that provide differing levels of confidence about a persons identity (are they who they say they are?) – so as to enable business transactions Services Username and Password Basic over LDAP Form Based Additional Criteria PIN Number Security Question Stronger Authentication Digital Certificates Token Based Authentication Biometric

31 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Access Management Services Group / User Criteria Role Based Access Advanced Access control Multiple levels of Privileges HTTP Headers Cookies Integration Services Web Services What is Access Control? Ensuring that users are given access only to those applications or resources that they are entitled to see or use. Also known as Privilege Management Infrastructure (PMI)

32 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Enterprise Directory What is a Directory? A directory serves as a repository for user information. Access to the directory is via the Lightweight Directory Access Protocol (LDAP). Services Repository for Identity Information Directory Enabled Applications Multiple Directories Content management Other Applications Portals Lotus Notes Oracle / SAP Web Services / The Gateway

33 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Challenges Website Design and Security Libraries Non Web Based Architecture Authentication Service for UNIX Operating system Personal Information & Data Protection Administration Model

34 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Looking Forward Government Gateway Payment Services Online bookings and Applications Linked Services such as social services and Healhcare

35 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk IdM in Action A Practical Example Birmingham City Council Keith Hickson, Project Manager, PWC

36 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk The Panel Peter Gibbon,Senior Manager Terry Wilkinson, Manager of Sales Support Mike Wawro, Managing Consultant

37 1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Modernising Government Workshop SBL Scotland PO Box 28263 Edinburgh EH9 3YT Neil Boyd Email: neil_boyd@softbox.co.ukneil_boyd@softbox.co.uk Tel: 07734 59116 www.softbox.co.uk

Download ppt "1.02 – 13/08/2003 – CR 2730 Software Box Ltd Tel : 01347 812100 www.softbox.co.uk Scotland Modernising Government, Efficient Governement Conference 29."

Similar presentations

National Infrastructure – Citizen’s Account

National Infrastructure – Citizen’s Account
Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.
Copyright © 2005 – Clickshare Service Corp. All rights reserved. Payment Aggregation & Affinity Management Clickshare for the Media Industry For more information.

Copyright © 2005 – Clickshare Service Corp. All rights reserved. Payment Aggregation & Affinity Management Clickshare for the Media Industry For more information.
Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
- 1 - Defense Security Service Background: During the Fall of 2012 Defense Security Service will be integrating ISFD with the Identity Management (IdM)

- 1 - Defense Security Service Background: During the Fall of 2012 Defense Security Service will be integrating ISFD with the Identity Management (IdM)
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Authentication & Kerberos

Authentication & Kerberos
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
Network Identity Kai Kang 27 th October 2004. Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -

Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -
Virtual techdays INDIA │ 18-20 august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –

Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
Understanding Active Directory

Understanding Active Directory
Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.

Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
21 June 2006Copyright 2006 University of Kent1 Delegation of Authority (DyVOSE project) David Chadwick University of Kent.

21 June 2006Copyright 2006 University of Kent1 Delegation of Authority (DyVOSE project) David Chadwick University of Kent.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Identity and Access Management

Identity and Access Management

Similar presentations

Ads by Google