Ian Bailey Director Application Architecture Office of CIO, Province of BC A User Centric and Claims Based Architecture for British Columbia.


1 Ian Bailey Director Application Architecture Office of CIO, Province of BC A User Centric and Claims Based Architecture for British Columbia

2 Agenda: Background on BC & Use Cases; Connected Workforce; Citizen Centred Service; Authoritative Parties & Claims; IDM Architecture Project; IDM Pilots; Claims and Standards; Questions

3 Province of British Columbia Here

4 Province of British Columbia: Westernmost province in Canada; 4.4 Million Citizens; 400,000 Businesses; 2 Million workers; 400,000 people participate in the delivery of public services

5 Two general use cases. Connected Workforce: Many public and private sector organizations; Using different vendor products; Sharing information for better outcomes. Citizen Centred Service: Providing electronic services to citizens; Privacy, safety and ease of use.

6 Connected Workforce: 400,000 member workforce; Approximately 500 public sector organizations (Government ministries, agencies & boards; Health authorities and hospitals; School districts, universities, colleges; Municipalities, regional districts; Crown Corporations); 1000’s Licensed professionals; 10,000’s of contracted service providers

7 Connected Workforce: “Information Sharing for better outcomes”. The workforce should be able to get access to the information they need to do their job. An identity management ecosystem is key to ensuring the right person has access to the right information, at the right time, and for the right purpose.

8 Connected Workforce: 400,000 Businesses. They may have their own sophisticated IT infrastructures and have a username & password or smart card at their workplace, or they may need a common Identity provider service. BCeID is our identity service.

9 [Chart. Axes: Number of Businesses; Size of Business. Labels: Federated Businesses; Common Identity Provider; BCeID for small businesses]

10 Citizen Centred Service: 4 Million citizens; A common Identity provider service for public services in any sector; BCeID is our service; Desire for additional features (Privacy protection and Minimal Disclosure; Internet Safety)

11 Authoritative Parties and Claims: Government is an authority for personal identification claims; Government is an authority for business identity claims; Organizations are an authority for claims about their employees; Professional bodies are an authority for claims about their members; Individuals are the authority for some claims about themselves

12 BC Identity Management Forum, Spring 2006: In April 2006 we brought together the largest BC public sector organizations and our major IT suppliers. Invited them to work towards a solution that: Protects privacy & security; Leverages authoritative sources for identity information (claims); Scales to connect our workforce and the public

13 BC Identity Management Forum, Fall 2006: Engaged public sector CIOs and architects; Contracted with Bell, CA, Deloitte, IBM, Microsoft, Nortel, Novell, Oracle, Siemens, Sun Microsystems, Sxip, and Telus; Sxip Identity to coordinate and manage forum; Develop an architecture for the two use cases

14 BC Identity Management Forum Requirements Document. Contents: An agreed lexicon of terms; 34 general requirements; Privacy best practices; Security gradient; Authoritative sources of identity claims; Loose coupling for scaling. http://www.cio.gov.bc.ca/idm/idm_forum/

15 BC Identity Management Forum Architecture Document, July 2007. Contents: Background/methodology/principles; Core architecture interactions; Additional use case interactions; Standards and architecture recommendations. http://www.cio.gov.bc.ca/idm/idm_forum/

16 Core Architecture. Authoritative Party (AP): Authorities recognized to make claims. Relying Party (RP): Request and accept claims to satisfy local policy. Identity Agent (IA): Facilitates and controls the distribution of claims for a principal. [Diagram labels: Root Authorities/Trust Model; Local Policy and Audit log (each shown twice)]
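
The three roles on slide 16, combined with the per-claim authorities listed on slide 11, can be sketched in code. This is an added example, not part of the original presentation or the forum's architecture documents: the issuer names, claim types, keys and policy are constructed, and HMAC stands in for the signed tokens a real Authoritative Party would issue.

```python
import hashlib, hmac, json

# Constructed demo keys. HMAC stands in for the signed tokens a real AP issues.
AP_KEYS = {"bc-gov": b"demo-gov-key", "acme-corp": b"demo-acme-key"}

def _mac(issuer, body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(AP_KEYS[issuer], msg, hashlib.sha256).hexdigest()

def ap_issue(issuer, subject, claim_type, value):
    """Authoritative Party: make one signed claim about a principal."""
    body = {"iss": issuer, "sub": subject, "type": claim_type, "value": value}
    return {**body, "sig": _mac(issuer, body)}

def ia_release(cards, requested, consented):
    """Identity Agent: disclose only claims the RP requested and the user approved."""
    return [c for c in cards if c["type"] in requested and c["type"] in consented]

def rp_accept(policy, presented, audit_log):
    """Relying Party: policy maps each required claim type to its one authority."""
    accepted = {}
    for c in presented:
        body = {k: v for k, v in c.items() if k != "sig"}
        ok = (c["iss"] in AP_KEYS
              and policy.get(c["type"]) == c["iss"]
              and hmac.compare_digest(_mac(c["iss"], body), c.get("sig", "")))
        audit_log.append((c["type"], c["iss"], "accepted" if ok else "rejected"))
        if ok:
            accepted[c["type"]] = c["value"]
    granted = set(policy) <= set(accepted)
    audit_log.append(("decision", "rp", "grant" if granted else "deny"))
    return granted, accepted

def demo():
    cards = [  # constructed sample claims held for one visiting user
        ap_issue("bc-gov", "user-1", "legal_name", "Pat Example"),
        ap_issue("bc-gov", "user-1", "date_of_birth", "1980-01-01"),
        ap_issue("acme-corp", "user-1", "employee_of", "Acme Corp"),
    ]
    wifi_policy = {"employee_of": "acme-corp"}  # hypothetical wireless RP policy
    log = []
    shown = ia_release(cards, set(wifi_policy), {"employee_of", "legal_name"})
    return rp_accept(wifi_policy, shown, log), shown, log

if __name__ == "__main__":
    print(demo())
```

The Relying Party sees only the `employee_of` claim, so the name and date of birth held by the Identity Agent are never disclosed, and a claim signed by a party that is not the authority for its type is rejected and logged.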

17 BC Identity Management Forum: Test/Pilot the two main use cases (Connected workforce; Citizen centred service) using Information Cards

18 BC Identity Management Forum Pilot 1, Connected Workforce: Access to each other’s wireless LANs using a Managed Information Card. Microsoft is providing software so that we can issue Managed Information Cards from 5 organizations. Ping Identity is providing software for authenticating users with Managed Information Cards for WiFi access. Telus is hosting the wireless authenticator.

19 [Diagram labels: Corporate AD, Authoritative Party (AP); Shared Authenticating Web Server (RP); Wireless LAN configured to use Authenticating Web Server and APs; Visiting user selects Corporate Managed Information Card; Internet]

20 BC Identity Management Forum Pilot 2, Connected Workforce: Access to a shared collaboration site using Managed Information Cards. Microsoft is providing software so that pilot users from 5 orgs can access a SharePoint 2007 collaboration site with Managed Information Cards. Telus is hosting the SharePoint site at their Calgary data centre.

21 [Diagram labels: Corporate AD, Authoritative Party (AP); Collaboration Site, SharePoint Web Server (RP); User selects Corporate Managed Information Card; Internet]

22 BC Identity Management Forum Pilot 3, BCeID Business users: Issue Managed Information Cards to select business users. CA is providing software to authenticate and authorize users based on claims in Managed Information Cards. Microsoft software for Managed Information Cards for our business identity service www.bceid.ca. Access to SharePoint, Wireless, and a test web application.

23 [Diagram labels: https://www.bceid.ca, Authoritative Party (AP); BCeID Point of Service; Relying Party (RP); Issues managed cards; Verifies claims; Accepts managed cards; sends managed card; Visits BCeID service counter; Internet]

24 Claims – a need for information standards: personal identification claims; minimal disclosure claims; assurance level claims; business identity claims; claims about employees; claims about professionals; Individuals are the authority for some claims about themselves

25 Questions?

