More Related Content
Similar to Federated e-Identity Management across GCC Countries (20)
More from Arab Federation for Digital Economy (20)
Federated e-Identity Management across GCC Countries
- 1. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
World e-ID Congress: Identity Services for Government Mobility
& Enterprise Conference | Sept 25-27, 2013 | Nice, French Rivera, France.
Federated e-Identity Management
across GCC Countries
P a r t n e r s i n B u i l d i n g U A E ' s S e c u r i t y & E c o n o m y
Our Vision: Provide an integrated and advanced personal identity management system that
contribute to the transformation of the government and the economy and promotes security and
global competitiveness of the UAE.
Presented by: Dr. Ali M. Al-Khouri
- 2. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Introduction: Scattered Practices
• Silos of identity management systems!
• Interoperability and mutual trust?
• Need to establish a trusted IDENTITY for an individual that
can be used across domains, by service providers.
• The advantages and benefits of
such mutual trust systems have
been cited at numerous forums and
have been well established.
- 3. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Introduction: Identity Federation
• Global initiatives on Identity Federations since last 20 years
- 4. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Federation: Still a Developing Field!
• Identity Federation is still a
developing science..
• Implementations vary and
trust mechanisms differ.
• Different frameworks are put
forth.
- 5. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Frameworks: Concepts vs. Practices
The basics and
concepts of Identity
Federation are rather
old and well
understood ..
• Different frameworks and initiatives leading to trust establishment
between different service providers (relying parties) based on
the Identity Verification/ Authentication.
• All of these are based on Open Standards and use SAML
Assertion.
- 7. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Federation: Identity Provider Role
Pivotal & key
role in the Identity
Management
- 8. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Cross Border Identity Management
In the context of
multi-organization
identity
management
systems, the ID
provider’s role
then becomes
crucial in the
authentication of
users.
- 9. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Mutual Trust
The service
providers need to
trust the identity
provider with
respect to the
authentication of
users.
- 10. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Decentralising Identity Management
Each Service
Provider manages
their own identity
management
system that
determines
eligibility,
privileges, etc. to
authenticated
service seekers,
while the
identity itself is
managed by the
Identity Provider.
- 11. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Examining Identity Federation & Management
- 12. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Building Trust
• There are well established models that have prompted
Governments to move up the value chain in the Identity
Systems.
• Governments for long have been the de-facto
identity providers to their citizens and residents, e.g.,
passports, ID cards, driving licenses, election cards and so
on.
• With Trust and Identity Assertion becoming the need of
the hour (with the advancement of the internet and
remote service delivery), the Government Identity
systems have evolved into the current Smart Identities
complete with Digital Identity, various electronic
identifiers, and credentials.
- 13. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Federation in GCC Countries
GCC
Government ID
Programs fit these
requirements fully
& are compliant to
all the design
requirements of an
interoperable
and federated
identity in GCC.
- 14. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
International Case Studies and Benchmarks
• Examine the design aspects of Identity Federation to
make a case for an International Cooperation and
interoperability across the GCC- especially in the light of
the success reported by the STORK Project and the
current STORK 2.0 initiative.
Stork > Stork 2.0 >>> GCC???
Single European e-Identification and Authentication
- 15. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
serves as a perfect platform for establishing trust between
different entities cutting across borders
National ID Card as enabler for Digital Transactions
- 16. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital ID Issuance, Services & Magmt – GCC Context
- 17. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Identity – GCC Context
Key to the Digital
Identity is the
ownership of the
Government ..
- 18. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Identity – GCC Context
Identity Assurance from
the Government need
to be backed by a
Legal System and a
National ID
Authentication
Framework consisting
an Authentication
Gateway delivering ID
Verification and
Validation Services with
an effective ID
Lifecycle Management.
- 19. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
All this needs now is
to ensure that IDs
are interoperable
and “digitally”
recognized across
borders
All GCC countries have their individual Digital ID
Systems
GCC Identity Federation: the Missing Piece?
Interoperable ID?
- 20. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Identity- the GCC Context
National Identity Providers in GCC bloc should extend their
services to ACT as a PROXY for each other. This will BRIDGE
Identity Providers in a seamless bind for individual digital ID
holders across the Identity Providers.
- 21. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Identity- the GCC Context
Authentication carried out by the Home ID Provider can be
passed on as a “token” to another ID provider.
- 24. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Conclusion: If we really want to get there!
A Federated Identity Service Beneficiaries:
1. User with Digital Identity
2. Service Provider (SP)
Customers
of the
Federated
Identity
Services!
- 25. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Understanding Customers Mindsets
Need to define service specifications and
reach the delight levels of both ends of
the customer spectrum.
- 27. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Conclusion
1. A single PAN GCC Digital Identification and
Authentication area
2. GCC e-ID Interoperability Platform that will allow
citizens to establish and conduct e-transactions
across borders, just by presenting their national
e-ID
3. Cross-border user authentication enabling access
to education resources, commercial transactions,
banking transactions etc.
The benefits from such an Identity
Federation scheme are enormous and will
take the current economic cooperation of
GCC to higher levels.
- 28. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
What could Federated Identity bring to GCC?
1. Knowledge Management
Access to Education material for students
across universities
2. Healthcare Management
Access to healthcare services and insurance
with a single identification and authentication
3. Government Services
4. IT Transformation
Cloud Services Access
- 29. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Conclusion: Interoperability
• Interoperability will certainly become a
precondition backbone for future development
efforts, whether its social, economical, political,
etc.
• Sustainability will become more associated with
interoperability.
• As the world gets more ubiquitously connected,
countries, and governments in particular would
need to act as such..
• This would be a spinning riddle; conundrum for
some(LONG)time until it gets resolved!
- 30. www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Thank you
Dr. Ali M. Al-Khouri
Director General | Emirates Identity Authority | UAE
www.emiratesid.ae | ali.alkhouri@emiratesid.ae |
Read our recent research from:
http://www.emiratesid.gov.ae/ar/media-center/publications.aspx
@DrAliAlKhouri