Published by Milo Tate. Modified over 9 years ago.
1
eGovernment Commonalities within Europe and beyond
Colin Wallis & Fulup Ar Foll
European Identity Conference 2011
2
A 2-part presentation with conclusion and discussion:
- Colin: overview the landscape & highlight policy-oriented common touch points
- Fulup: detail technically-oriented common touch points
- Colin: draw conclusions and facilitate discussion
3
‘the Venn of eGovernment’ – a framework of frameworks? What is this?
Governance Policy Legislation & regulation Conformance & certification Technology Management Identity Information Management Interoperability
4
..of ecosystems, federations and frameworks…. is it all semantics?
- Identity Ecosystem?
- Trust framework?
- eGovernment (interoperability) Framework?
- Transformational Government framework?
- Cloud computing framework?
- Trust federation?
5
…grouped by breadth of scope, level of detail
- European Interoperability Framework
- National Strategy for Trusted Identities in Cyberspace
- OASIS’s Transformational Government Framework
- eGIFs everywhere..
- PEPOL STORK etc
- Semantics and taxonomy
- Conformance and certification etc
6
Question… If one framework uses asserted government issued credentials (a government IdP) and another framework uses asserted private sector credentials (a private sector IdP) does it matter?
7
Question… If one framework is based on regulation and legislation and another framework is based on contract and common law does it matter?
8
Technical Commonalities
eGov Profile v2.0
The goal is to implement a certification process that allows a non-expert to select the correct product suite.
Common technical issues are:
- Metadata exchanges
- Authentication assurance
- SSO/SLO session management
- Proxy and authentication attributes
9
Metadata exchange
- Most, if not all, governments rely on some form of contract to handle the IDP/SP relationship.
- Publication of Metadata in a well-known location
- Generation/Exportation is OPTIONAL
- Verification, if implemented, MUST use XML signature
10
Authentication Assurance Framework
- Most governments rely on some form of assurance framework based on some form of NIST equivalent level
- Implemented through OASIS Assurance Framework
- MUST support the acceptance/rejection of assertions based on the content of the elements
- It is hard to agree on a common certification, but agreeing on a common framework and assuring interoperability is a MUST
11
SSO/SLO Session Management
- Logout is the main technical issue for implementers.
- eGov profile enforces as a MUST for SLO HTTP transport binding SAML SOAP LogOut request SAML redirect [optional for SP]
- Specify user options to control SLO behaviours.
- TLS and other forms of authentication with SAML/SOAP are optional.
12
Proxy Authentication [Only for Full V2.0 Profile]
- Suppression or editing of RequesterID elements from outgoing AuthnRequest
- Support the mapping of incoming to outgoing AuthnContext elements
- MUST support the suppression of
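The two proxy behaviours named on this slide, RequesterID suppression and incoming-to-outgoing AuthnContext mapping, can be sketched as follows. This is an added example, not code from the presentation or from the eGov profile; the function name `proxy_outgoing`, the `urn:example:` class URIs, the mapping table and the sample request are all constructed assumptions.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)

# Constructed vocabulary map: the urn:example keys are hypothetical incoming classes.
CONTEXT_MAP = {
    "urn:example:assurance:level2": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "urn:example:assurance:level3": "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI",
}

# Constructed incoming AuthnRequest, as a proxying IdP might receive it from an SP.
INCOMING = f"""<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}"
    ID="_constructed1" Version="2.0" IssueInstant="2011-05-10T09:00:00Z">
  <saml:Issuer>https://sp.example.org/saml</saml:Issuer>
  <samlp:RequestedAuthnContext Comparison="exact">
    <saml:AuthnContextClassRef>urn:example:assurance:level3</saml:AuthnContextClassRef>
  </samlp:RequestedAuthnContext>
  <samlp:Scoping ProxyCount="1">
    <samlp:RequesterID>https://internal-sp.example.org</samlp:RequesterID>
  </samlp:Scoping>
</samlp:AuthnRequest>"""


def proxy_outgoing(xml_text, context_map, suppress_requester_id=True):
    """Return the request with AuthnContext classes mapped and RequesterID optionally removed."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest")
    # Map every requested class; fail closed on an unknown one (a design choice
    # of this sketch) so an assurance level is never silently dropped or downgraded.
    for ref in root.iter(f"{{{SAML}}}AuthnContextClassRef"):
        value = (ref.text or "").strip()
        if value not in context_map:
            raise ValueError(f"no mapping for requested context {value!r}")
        ref.text = context_map[value]
    if suppress_requester_id:
        # Drop RequesterID so the upstream IdP does not learn which SPs sit behind the proxy.
        for scoping in root.iter(f"{{{SAMLP}}}Scoping"):
            for rid in scoping.findall(f"{{{SAMLP}}}RequesterID"):
                scoping.remove(rid)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print(proxy_outgoing(INCOMING, CONTEXT_MAP))
```

A deployed proxy would issue the outgoing request under its own ID, Issuer and signature and would parse untrusted input with a hardened XML parser; the sketch covers only the two transformations.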
13
Questions?
http://kantarainitiative.org
http://docs.oasis-open.org/security/saml/v2.0/
14
Conclusions
- They are all (federated) trust frameworks
- There are broad (eGov and TGov) trust framework deployment profiles
- There are narrower (cloud) trust framework deployment profiles
- They comprise common components
- They have common requirements – policy, semantics, conformance, compliance, certification etc