Liberty, Privacy & The Public Sector

Agenda
• Liberty & Privacy
• E-government and identity
  • The promise of e-government
  • Importance of identity to e-government
• Identity defined and explained
• Liberty Alliance and e-government
• Benefits of Federated Identity to Governments
• Illustrated use cases
Liberty & Privacy
Privacy
The ability to control my identity on your network:
• Who I am
• What you know about me
• When you know it
• How you can use it
Data on the Internet
• Easy and inexpensive to gather, store, analyze, transmit and reuse
• More readily accessible to a wider circle of data users
• Inherently global: The Internet knows no boundaries
Privacy Concerns
Citizens are most concerned about:
• Security of sensitive information
• Sharing personal information
• Identity Theft
Liberty’s Focus on Privacy
• One objective of Liberty: Improve privacy through the federated model
• Liberty addresses privacy in specification development process
  • Public Policy Expert Group exerted influence from day 1 on privacy issues
  • Liberty invites input from policy makers and privacy advocates
  • Technology decisions are made to enhance privacy and make it easier to implement good privacy practices
  • Privacy and Security Best Practices were developed to promote privacy-friendly implementations and deployments
  • Security & Privacy Overview provides technical guidance on security and privacy ramifications of ID-WSF implementations
Liberty's Structure Promotes Privacy and Security
• Federated structure means no centralized data storage that would be vulnerable to attack
• Customer has more control of data because the permissions related to a piece of data can stay with that piece of data, guiding its use
• Use of unique identifier for each pair of service providers means that one key will not unlock all data
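The per-pair identifier idea on this slide, as an added example that is not from the original deck or the Liberty specifications: a hypothetical identity provider issues a separate random identifier for each provider a user is linked to, so two providers that pool their records have nothing to join on. The class, function and citizen names are assumptions; the provider names are borrowed from the ministries in the use case later in the deck.

```python
import secrets


class IdentityProvider:
    """Toy identity provider issuing one opaque identifier per (user, provider) pair."""

    def __init__(self):
        self._handle_for = {}  # (user, sp) -> opaque handle
        self._user_for = {}    # (sp, handle) -> user

    def federate(self, user, sp):
        """Return the user's handle at this provider, creating it on first use."""
        key = (user, sp)
        if key not in self._handle_for:
            handle = secrets.token_urlsafe(24)  # random: encodes nothing about the user
            self._handle_for[key] = handle
            self._user_for[(sp, handle)] = user
        return self._handle_for[key]

    def resolve(self, sp, handle):
        """Map a handle back to a user, but only for the provider it was issued to."""
        return self._user_for.get((sp, handle))

    def defederate(self, user, sp):
        """Remove one link; the user's identifiers at other providers are untouched."""
        handle = self._handle_for.pop((user, sp), None)
        if handle is not None:
            del self._user_for[(sp, handle)]


def correlate(ids_a, ids_b):
    """What two providers pooling their data can join on: identifiers seen by both."""
    return set(ids_a) & set(ids_b)


def demo():
    idp = IdentityProvider()
    citizens = ["citizen-001", "citizen-002", "citizen-003"]  # constructed sample users
    edu = [idp.federate(c, "education") for c in citizens]
    fin = [idp.federate(c, "finance") for c in citizens]
    return {
        "shared_identifiers": correlate(edu, fin),
        "handle_replayed_at_other_sp": idp.resolve("finance", edu[0]),
        "handle_at_own_sp": idp.resolve("education", edu[0]),
        "stable_on_repeat": idp.federate("citizen-001", "education") == edu[0],
    }


if __name__ == "__main__":
    print(demo())
```

A single shared identifier such as a national ID number would make `correlate` return every citizen; with per-pair handles it returns the empty set, and a handle leaked from one provider resolves to nothing at another.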
E-Government and Identity
The Promise of e-Government
• Transform the business of government through Internet technologies to:
  • Improve public services
  • Increase convenience for citizens
  • Streamline business processes and improve efficiency
  • Reduce costs
  • Implement citizen-centric (rather than agency-centric) services
• Prerequisite: e-citizen trust
E-Government Needs
• Information sharing
  • Government – business – education – citizen
• Interoperability
• Dynamic provisioning, de-provisioning
• Cohesive way to identify citizens
• Citizen privacy
Why Identity is Important to Governments
• Citizen and business identity is key to e-citizen activity
• Identity is a primary data element
• Used across all administrations to provide services
• Use can result in positive or negative citizen view of government
• Important for government to use correctly to create citizen trust
Concerns about Identity
• Citizens, agencies, business losing trust in web-based systems
• Privacy concerns:
  • 60% won’t buy online
  • Is my private information kept confidential?
  • Within the administrations?
  • Can administrations correlate my private information?
• Security failures:
  • ID theft is #1 consumer complaint
  • Bad password management aids hackers
Identity Defined and Explained
Digital Identity
• Prove through authentication:
  • Are you who you say you are?
• Authentication is the foundation of all security
• Security of the system is only as strong as its weakest link
• Authentication is the only aspect of security that must involve the user
Forms of Authentication
• One factor (OK)
  • What you know: password, name
  • What you have: ticket, license, passport
• Two factor (Better)
  • Combining factors
  • What you know and what you have
  • ATM card and PIN
• Multi factor (Best)
  • Usually involves biometrics
  • What you know, what you have, who you are (biometrics)
  • ID Card, spoken pass phrase
Challenges with Identity
• Administrative issues
  • Multiple authentication mechanisms
  • Driver's license, passport, national identity card, username/password combinations, certificates…
  • Difficult to keep track of credentials
• Privacy issues
  • Internet usage may proliferate digital identity dissemination
  • Must preserve privacy while sharing information
  • Need solid ways to establish proof of digital identity
  • Authentication must be done securely
Liberty Alliance and e-government
Liberty Alliance
• Consortium developing open standards
• For federated identity management
• In coordination with other standards groups
• More than 150 participating members
• Government, business and consumer facing organizations
• World-wide cross-section of organizations
• Develops open specifications that anyone can implement
• Does not deliver specific products or services
• 20+ Liberty-enabled products and services available
• Addresses business & policy issues of identity
  • Guidelines, best practices documents, checklists
  • Support for global privacy regulations built into specs
Liberty: Federated Model
• The federated model provides an answer to the needs and requirements of governments
• Disparate mechanisms joined dynamically into a single, logical whole
• May be different types, strengths
• Trust relationships established
• Authentication accepted
• Independent of mechanism or authority
• No centralized control
• User can authenticate locally, operate globally
[Figure: six boxes labelled "Provider"]
Win the Citizens' Trust in e-Government
• Liberty Alliance standards foster end-to-end authentication and security
• Published and adhered-to policies create trust for all parties involved: citizens and government agencies
• Maintain trust: protect citizens' personal data by using it only for the mutually intended purpose, adhering to the published policies
• Implement differential data access according to role and service
Freedom of Choice
• Choice of solutions from many vendors
• Open Source Software implementations
• Conformity with widely accepted industry standards
• Public specifications, with unrestricted access for everybody, create an even playing field
• Liberty Alliance standards create opportunities for local industry and SMEs
The Benefits for Governments
• Liberty adoption can increase confidence in, and use of, mobile and web-based services
• Enhances trust among citizens, business, civil servants
• Governments easily, cost-effectively deploy services that appeal to consumers/citizens
• Faster response time for critical communications
• Stronger security and risk management
• Ultimately
• Increased use of e-services
• Dramatic cost savings
• Support the Privacy State mission towards the Citizens
The Liberty Advantage
• Open specifications — allows different systems to interoperate and allows multiple vendor competition
• Federated model — no central point of failure, no intermediation between you and citizen
• Built on standards — works with legacy systems
Illustrated Use Case
Without federated identity
A use case without federated identity:
A parent registers one of his or her children in a national school; he/she uses a government identification number and a password, which may be different for each ministry or agency:
• Log on to the Ministry of Education: to register the child
• Log on to the Ministry of Interior: obtain the child's birth certificate
• Log on to the Ministry of Finance: obtain proof of place of residence
• Log on to the Ministry of Social Aid: if the family is eligible for social aid
• Log on to the Ministry of Interior: proof of legal guardianship
All information must be duplicated; the citizen registers 5 times and may use 5 different identifications and passwords.
With federated identity
Citizen connects once through any government authority and is automatically recognized by other government services.
• Citizen authenticates to any government authority
• One sign-on opens all connected services within the circle of trust
[Figure labels: interior, education, finance, social aid]
Citizen connects to any government authority within the circle of trust of public services. Automatic update through integration between agencies.
Ideal situation
• Citizen or business entity authenticates to one organization (e.g. tax portal)
• Results of authentication are accepted by others with whom you have authenticated
  • Motor vehicle department
  • Land recordation authority
  • Citizen aid organizations
  • Related businesses, etc.
Other Use Cases
• Liberty-enabled e-learning system
  • Government to school to citizen
  • Educational content served to students
  • Single sign-on, interoperability, openness – and privacy
• Local land records system
  • Circle of trust among mortgage and title companies, customers and land records department
  • Streamlined land recordation with time and money savings
  • Increased integrity of local government land records system
• Patient Medical File
  • Circle of trust between the patient and the physicians
  • Each medical practice accesses the relevant information
  • Access is given by the patient enabling privacy
Membership
Board and sponsor members include:
Questions?
Liberty Alliance
www.projectliberty.org