Your SlideShare is downloading. ×
Federated e-Identity Management across GCC Countries
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Federated e-Identity Management across GCC Countries

355
views

Published on

Presented at: World e-ID Congress: Identity Services for Government Mobility & Enterprise Conference | Sept 25-27, 2013 | Nice, French Rivera, France.

Presented at: World e-ID Congress: Identity Services for Government Mobility & Enterprise Conference | Sept 25-27, 2013 | Nice, French Rivera, France.

Published in: Technology, Business

1 Comment
3 Likes
Statistics
Notes
  • I'm very interested you
    you have more information ,good luck
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
355
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
35
Comments
1
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved World e-ID Congress: Identity Services for Government Mobility & Enterprise Conference | Sept 25-27, 2013 | Nice, French Rivera, France. Federated e-Identity Management across GCC Countries P a r t n e r s i n B u i l d i n g U A E ' s S e c u r i t y & E c o n o m y Our Vision: Provide an integrated and advanced personal identity management system that contribute to the transformation of the government and the economy and promotes security and global competitiveness of the UAE. Presented by: Dr. Ali M. Al-Khouri
  • 2. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Introduction: Scattered Practices • Silos of identity management systems! • Interoperability and mutual trust? • Need to establish a trusted IDENTITY for an individual that can be used across domains, by service providers. • The advantages and benefits of such mutual trust systems have been cited at numerous forums and have been well established.
  • 3. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Introduction: Identity Federation • Global initiatives on Identity Federations since last 20 years
  • 4. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Identity Federation: Still a Developing Field! • Identity Federation is still a developing science.. • Implementations vary and trust mechanisms differ. • Different frameworks are put forth.
  • 5. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Frameworks: Concepts vs. Practices The basics and concepts of Identity Federation are rather old and well understood .. • Different frameworks and initiatives leading to trust establishment between different service providers (relying parties) based on the Identity Verification/ Authentication. • All of these are based on Open Standards and use SAML Assertion.
  • 6. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Identity Federation Considerations
  • 7. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Identity Federation: Identity Provider Role Pivotal & key role in the Identity Management
  • 8. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Cross Border Identity Management In the context of multi-organization identity management systems, the ID provider’s role then becomes crucial in the authentication of users.
  • 9. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Mutual Trust The service providers need to trust the identity provider with respect to the authentication of users.
  • 10. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Decentralising Identity Management Each Service Provider manages their own identity management system that determines eligibility, privileges, etc. to authenticated service seekers, while the identity itself is managed by the Identity Provider.
  • 11. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Examining Identity Federation & Management
  • 12. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Building Trust • There are well established models that have prompted Governments to move up the value chain in the Identity Systems. • Governments for long have been the de-facto identity providers to their citizens and residents, e.g., passports, ID cards, driving licenses, election cards and so on. • With Trust and Identity Assertion becoming the need of the hour (with the advancement of the internet and remote service delivery), the Government Identity systems have evolved into the current Smart Identities complete with Digital Identity, various electronic identifiers, and credentials.
  • 13. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Identity Federation in GCC Countries GCC Government ID Programs fit these requirements fully & are compliant to all the design requirements of an interoperable and federated identity in GCC.
  • 14. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved International Case Studies and Benchmarks • Examine the design aspects of Identity Federation to make a case for an International Cooperation and interoperability across the GCC- especially in the light of the success reported by the STORK Project and the current STORK 2.0 initiative. Stork > Stork 2.0 >>> GCC??? Single European e-Identification and Authentication
  • 15. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved serves as a perfect platform for establishing trust between different entities cutting across borders National ID Card as enabler for Digital Transactions
  • 16. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Digital ID Issuance, Services & Magmt – GCC Context
  • 17. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Digital Identity – GCC Context Key to the Digital Identity is the ownership of the Government ..
  • 18. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Digital Identity – GCC Context Identity Assurance from the Government need to be backed by a Legal System and a National ID Authentication Framework consisting an Authentication Gateway delivering ID Verification and Validation Services with an effective ID Lifecycle Management.
  • 19. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved All this needs now is to ensure that IDs are interoperable and “digitally” recognized across borders All GCC countries have their individual Digital ID Systems GCC Identity Federation: the Missing Piece? Interoperable ID?
  • 20. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Digital Identity- the GCC Context National Identity Providers in GCC bloc should extend their services to ACT as a PROXY for each other. This will BRIDGE Identity Providers in a seamless bind for individual digital ID holders across the Identity Providers.
  • 21. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Digital Identity- the GCC Context Authentication carried out by the Home ID Provider can be passed on as a “token” to another ID provider.
  • 22. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved National ID Card & Federated Identity
  • 23. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved GCC & Federated Identity
  • 24. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Conclusion: If we really want to get there! A Federated Identity Service Beneficiaries: 1. User with Digital Identity 2. Service Provider (SP) Customers of the Federated Identity Services!
  • 25. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Understanding Customers Mindsets Need to define service specifications and reach the delight levels of both ends of the customer spectrum.
  • 26. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved The Challenge ..
  • 27. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Conclusion 1. A single PAN GCC Digital Identification and Authentication area 2. GCC e-ID Interoperability Platform that will allow citizens to establish and conduct e-transactions across borders, just by presenting their national e-ID 3. Cross-border user authentication enabling access to education resources, commercial transactions, banking transactions etc. The benefits from such an Identity Federation scheme are enormous and will take the current economic cooperation of GCC to higher levels.
  • 28. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved What could Federated Identity bring to GCC? 1. Knowledge Management  Access to Education material for students across universities 2. Healthcare Management  Access to healthcare services and insurance with a single identification and authentication 3. Government Services 4. IT Transformation  Cloud Services Access
  • 29. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Conclusion: Interoperability • Interoperability will certainly become a precondition backbone for future development efforts, whether its social, economical, political, etc. • Sustainability will become more associated with interoperability. • As the world gets more ubiquitously connected, countries, and governments in particular would need to act as such.. • This would be a spinning riddle; conundrum for some(LONG)time until it gets resolved!
  • 30. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved Thank you Dr. Ali M. Al-Khouri Director General | Emirates Identity Authority | UAE www.emiratesid.ae | ali.alkhouri@emiratesid.ae | Read our recent research from: http://www.emiratesid.gov.ae/ar/media-center/publications.aspx @DrAliAlKhouri