Loading in 2 Seconds...
Loading in 2 Seconds...
Federating Identity Management in the Government of Canada. Identity North Conference November 20 th 2012. Presented by: Rita Whittle
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Federating Identity Management in the Government of Canada Identity North Conference November 20th 2012 Presented by: Rita Whittle Senior Director, Cyber Authentication and Identity Management Program
Government of Canada Context • Speech from the Throne and Budget 2012 • Citizen-focused service delivery - Improve services and service delivery to Canadians at a lower cost • Standardize, consolidate and re-engineer the way the GC does business • Whole-of-government approach: Modernize the way we work and serve Canadians in an increasingly horizontal and collaborative world • Expectations of Clients • Seamless, secure, e-enabled delivery channels • Better, faster and more convenient access to government services • Ability to interact seamlessly with multiple governments, through multiple channels
. . . Government of Canada Context • Payments Review Task Force Report • “A robust digital ID regime is one where identification is accomplished without paper documents or face-to-face visits, and in a way that protects sensitive information and the privacy of the individual.” • Called for the creation of a Canadian Digital ID and Authentication Council (DIAC) which is now in place • Becoming a Digital Nation (reference: Stratford Institute, 04/2012) • Increase Canada’s performance through digital technologies • Facilitate the transition to digital services, digital payments and digital identity • Trusting identities across jurisdictions must be solved using a pan-Canadian approach
Identity is the Starting Point for Services, Benefits and Entitlements High value services Today, identity is managed separately by each department, jurisdiction and sector… Financial Sector Public Sector Healthcare Sector Who are you? How will you pay? Who are you? Are you eligible for a government benefit? Who are you? What is your medical history? Identity riskstranslate into: Identity riskstranslate into: Identity riskstranslate into: ! ! ! • Sector Issues • Financial fraud • Money laundering • Higher transaction fees • Sector Issues • Benefits fraud • Longer processing times • Redundant processes • Sector Issues • Prescription fraud • Patient Privacy • Record integrity … but the impacts are felt by everyone
Vision: Pan-Canadian Approach Collaborative effort between jurisdictions and sectors Principles: • Respect privacy • Client choice • Governments have a key role to play • Collaborate with trusted private sector institutions • Phased approach to evolving services and infrastructure • Federated Approach • Trusting credentials and identities: • Across jurisdictions • Across sectors • Internationally Federating Credentials Federating Identity ‘trusting identities that have been established by other jurisdictions’ ‘trusting credentials issued by other jurisdictions and industry sectors’
Identity Context • Identity information is required for valued transactions • It is the starting point of management of interactions and transactions (initial and on-going) in all sectors, necessary for service provisioning, determining access, granting of benefits and entitlements, etc. • Risk related to identity information impacts the immediate interaction/transaction and can impact other downstream activities • Identity information exists and is managed across orders of government • Digital Identity is becoming increasingly important • Financial and social interactions are becoming digital • Necessary for transition to online channel, advancing the digital economy of Canada • Key to Integrating processes across organizations and jurisdictions • Must align with international trends • Identity theft and fraud • Speed of fraud in cyberspace vs. in the physical world • Criminal element has moved online
Commercial GC Issued Other jurisdictions Evolution to Federating Identity Federating Credentials Federating Identity GC Approach Pan-Canadian Approach Cyber AuthenticationService GC Identity FederationService Identity FederationService Federation Enablers Pilot Projects Mandatory Services Identity Services GC IdentityAssurance Service IdentityFederation Services GC Identity Validation Service Policy Enablers Legislative Enablers Credential FederationServices Standards-based Standards-based Standards-based Federation Federation Federation • GC Identity Validation Service • Identity Business & Technical Architecture • DIAC Governance • Commercial Services • Multiple Authoritative Identity Sources • Multiple Recognized Providers • Multiple Credential Options • Multiple Levels of Assurance
Strategic Relationships • Inter-jurisdictional: Joint Councils – Public Sector Service Delivery Council and Public Sector CIO Council • Identity Management Sub-Committee (IMSC) • Composition: Federal, Provincial, Territorial, Municipal • International Dialogues • Other governments - United States, Australia, New Zealand, U.K. • Kantara Initiative • ICA (International Council for Information Technology in Government Administration) • Digital ID and Authentication Council (DIAC) • Public and private sector forum recommended by the Task Force for Payments System Review • Mandated to develop pan-Canadian approach to digital ID and authentication and facilitate development of interoperable policies, standards and systems • Composition: Independent Chair (private industry); Government Representatives; Industry Representatives (telecommunications, banks, health); Independent Representatives
Choice of Credentials • Credential Broker Service - An innovative relationship with private sector • SecureKey Concierge operational since April 2012 - Enables log in to GC online services using commercially available credentials (currently three Canadian financial institutions: Scotiabank, TD, BMO) • Leverages the investments made in security and infrastructure in the private sector • To respect privacy, minimal and non-personally identifiable information is managed and used through Credential Broker Service • Positions the GC to benefit from ongoing industry investments in evolving and strengthening assurance levels • GC Key Service – Provides option to use a GC credential • Ensures all GC clients have ability to log in to e-services • Implementation is currently underway by GC departments
Identity Management: Strategy-in-Brief • GC’s strategy on identity management is based on a federated approach using the following principles: • Give choices to citizens and businesses to decide on how they want to identify themselves to receive services • Enable a “tell us once” strategy by allowing the re-use of personal identity information across multiple service delivery channels • Ensure the integrity of the information through validation from trusted (authoritative) sources of identity information • Establish interoperability standards • Partner with other jurisdictions and the private sector to deliver solutions • Promote a fair and equitable competitive market place • Policy instruments to support federating identity in the GC are currently under development (standard and guidelines)
Moving Forward • TBS is leading discussions on federating identity within the GC, building on solid cyber authentication base • Open to future enhancements • Flexible in meeting GC program needs • Providing client choice • Privacy central to any plans for federating identity going forward • Policy positions will be evolved through continuing engagement and consultation with GC departments • Discussions underway with GC departments to explore suitable candidates for e-validation pilot projects – one for individuals, one for businesses • Will inform the broader GC federating identity strategy moving forward • demonstrating business value and technical feasibility • identifying potential policy and legislative considerations • Continuing analysis underway