Presentation is loading. Please wait.

Presentation is loading. Please wait.

Liberty, Privacy & The Public Sector. 2 Agenda  Liberty & Privacy  E-government and identity  The promise of e-government  Importance of identity.

Published byRaymond Moody Modified over 9 years ago

Similar presentations

Presentation on theme: "Liberty, Privacy & The Public Sector. 2 Agenda  Liberty & Privacy  E-government and identity  The promise of e-government  Importance of identity."— Presentation transcript:

1 Liberty, Privacy & The Public Sector

2 2 Agenda  Liberty & Privacy  E-government and identity  The promise of e-government  Importance of identity to e-government  Identity defined and explained  Liberty Alliance and e-government  Benefits of Federated Identity to Governments  Illustrated use cases

3 3 Liberty & Privacy

4 4 Privacy The ability to control my identity on your network Who I am What you know about me When you know it How you can use it

5 5 Data on the Internet Easy and inexpensive to gather, store, analyze, transmit and reuse More readily accessible to a wider circle of data users Inherently global: The Internet knows no boundaries

6 6 Privacy Concerns Citizens are most concerned about  Security of sensitive information  Sharing personal information  Identity Theft

7 7 Liberty’s Focus on Privacy One objective of Liberty: Improve privacy through the federated model Liberty addresses privacy in specification development process  Public Policy Expert Group exerted influence from day 1 on privacy issues  Liberty invites input from policy makers and privacy advocates  Technology decisions are made to enhance privacy and make it easier to implement good privacy practices  Privacy and Security Best Practices were developed to promote privacy-friendly implementations and deployments  Security & Privacy Overview provides technical guidance on security and privacy ramifications of ID-WSF implementations

8 8 Liberty's Structure Promotes Privacy and Security  Federated structure means no centralized data storage that would be vulnerable to attack  Customer has more control of data because the permissions related to a piece of data can stay with that piece of data, guiding its use.  Use of unique identifier for each pair of service providers means that one key will not unlock all data

9 9 E-Government and Identity

10 10 The Promise of e-Government  Transform the business of government through Internet technologies to:  Improve public services  Increase convenience for citizens  Streamline business processes and improve efficiency  Reduce costs  Implement citizen-centric (rather than agency-centric) services  Prerequisite: e-citizen trust

11 11 E-Government Needs  Information sharing  Government – business – education – citizen  Interoperability  Dynamic provisioning, de-provisioning  Cohesive way to identify citizens  Citizen privacy

12 12 Why Identity is Important to Governments  Citizen and business identity is key to e- citizen activity  Identity is a primary data element  Used across all administrations to provide services  Use can result in positive or negative citizen view of government  Important for government to use correctly to create citizen trust

13 13  Citizens, agencies, business losing trust in web- based systems  Privacy concerns:  60% won’t buy online  Is my private information kept confidential?  Within the administrations ?  Can administrations correlate my private information ?  Security failures:  ID theft is #1 consumer complaint  Bad password management aids hackers Concerns about Identity

14 14 Identity Defined and Explained

15 15 Digital Identity  Prove through authentication :  Are you who you say you are?  Authentication is the foundation of all security  Security of the system is only as strong as its weakest link  Authentication is the only aspect of security that must involve the user

16 16  One factor (OK)  What you know: password, name  What you have: ticket, license, passport  Two factor (Better)  Combining factors  What you know and what you have  ATM card and PIN  Multi factor (Best)  Usually involves biometrics  What you know, what you have, who you are (biometrics)  ID Card, spoken pass phrase Forms of Authentication Password: ########

17 17 Challenges with Identity  Administrative issues  Multiple authentication mechanisms  Drivers license, passport, national identity card, username/password combinations, certificates…  Difficult to keep track of credentials  Privacy issues  Internet usage may proliferate digital identity dissemination  Must preserve privacy while sharing information  Need solid ways to establish proof of digital Identity  Authentication must be done securely

18 18 Liberty Alliance and e-government

19 19 Consortium developing open standards For federated identity management In coordination with other standards groups More than 150 participating members Government, business and consumer facing organizations World-wide cross-section of organizations Develops open specifications that anyone can implement Does not deliver specific products or services 20+ Liberty-enabled products and services available Addresses business & policy issues of identity  Guidelines, best practices documents, checklists  Support for global privacy regulations built into specs Liberty Alliance

20 20 Liberty: Federated Model Provider  The federated model provides an answer to the needs and requirements of governments  Disparate mechanisms joined dynamically into a single, logical whole  May be different types, strengths  Trust relationships established  Authentication accepted  Independent of mechanism or authority  No centralized control  User can authenticate locally, operate globally

21 21 Win the Citizens' Trust in e-Government  Liberty Alliance standards foster end-to-end authentication and security  Published and adhered-to policies create trust for all parties involved: citizens and government agencies  Maintain trust: protect citizens' personal data by using it only for the mutually intended purpose adhering to the published policies  Implement differential data access according to role and service

22 22 Freedom of Choice  Choice of solutions from many vendors  Open Source Software implementations  Conformity with widely accepted industry standards  Public specifications, with unrestricted access for everybody, create an even playing field  Liberty Alliance standards create opportunities for local industry and SMEs

23 23 Liberty adoption can increase confidence in, and use of, mobile and web-based services Enhances trust among citizens, business, civil servants Governments easily, cost-effectively deploy services that appeal to consumers/citizens Faster response time for critical communications Stronger security and risk management Ultimately Increased use of e-services Dramatic cost savings Support the Privacy State mission towards the Citizens The Benefits for Governments

24 24 The Liberty Advantage  Open specifications — allows different systems to interoperate and allows multiple vendor competition  Federated model — no central point of failure, no intermediation between you and citizen  Built on standards — works with legacy systems

25 25 Illustrated Use Case

26 26 Without federated identity All information must be duplicated, the citizen registers 5 times, may use 5 different identifications and passwords A use case without federated identity : A parent registers one of his children in a national school ; he/she uses a government identification number and a password which may be different for each ministry or agency; Logon to the Ministry of Education : to register the child Logon to the Ministry of Interior : obtain child's birth certificate Logon to the Ministry of Finance : obtain proof of place of residence Logon to the Ministry of Social Aid : if family eligible for social aid Logon to Ministry of Interior : proof of legal guardianship

27 27 With federated identity Citizen authenticate to any government authority Citizen connects to any government authority within the circle of trust of public services. Automatic update through integration between agencies One sign-on opens all connected services within the circle of trust education interior finance social aid Citizen connects once through any government authority; Automatically recognized by other government services

28 28 Citizen or business entity authenticates to one organization (e.g. tax portal) Results of authentication are accepted by others with whom who you have authenticated Motor vehicle department Land recordation authority Citizen aid organizations Related businesses, etc. Ideal situation

29 29 Other Use Cases Liberty-enabled e-learning system Government to school to citizen Educational content served to students Single sign-on, interoperability, openness – and privacy Local land records system Circle of trust among mortgage and title companies, customers and land records department Streamlined land recordation with time and money savings Increased integrity of local government land records system Patient Medical File Circle of trust between the patient and the physicians Each medical practice accesses the relevant information Access is given by the patient enabling privacy

30 30 Board and sponsor members include: Membership

31 31 Questions? Liberty Alliance www.projectliberty.org

Download ppt "Liberty, Privacy & The Public Sector. 2 Agenda  Liberty & Privacy  E-government and identity  The promise of e-government  Importance of identity."

Similar presentations

CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE. CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE 2 Digital Watermarking Alliance Charter The Digital Watermarking.

CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE. CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE 2 Digital Watermarking Alliance Charter The Digital Watermarking.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair
Creating Collaborative Partnerships in Business

Creating Collaborative Partnerships in Business
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Page 1 ©2000 Bull Major Challenges in e-Government Value System in modern IS’s for Public services Claude Boulle, European Affairs FP 6 Consultation Meeting.

Page 1 ©2000 Bull Major Challenges in e-Government Value System in modern IS’s for Public services Claude Boulle, European Affairs FP 6 Consultation Meeting.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.

CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Similar presentations

Ads by Google