Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

BCS ITNow 201509 - Identity

103 views

Published on

Identity is at the root of who we are as individuals when it comes to matters of trust, says Gareth Niblett, Chair of the BCS Information Security Specialist Group.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

BCS ITNow 201509 - Identity

  1. 1. Trust also extends to organisations, devices, and applications that are permitted to perform certain functions, where identity assurance, security and privacy are paramount. It is also important with internet of things widgets. In Estonia, you can get a government- issued electronic identity (eID) card, in the form of a National ID/residency card, digital ID card, or mobile-ID SIM, each of which have two digital certificates (one for authentication and another for digital signature) to access government and commercial services, and sign documents. In the UK, you can use some private companies to go through various processes to prove your identity and get a GOV.UK Verify login to a restricted number of UK government websites. This approach will naturally limit the use and usefulness of this identity scheme, which appears to be little more than a gov.uk login. A lot of issues stem from the failed approach to introduce a national ID card that was citizen-, rather than government- centric. Without a consistent trust anchor, and associated liability model, we are unlikely to get the rich integration available in other places. Electronic ID needs both confidence and convenience. Over the coming year, EU countries must prepare to meet eIDAS regulation to support cross-border electronic identification and trust services. Federation of eID is the natural way to go and some countries will be better positioned for it, INFORMATION SECURITY and have a competitive advantage over those still figuring things out. Identity management as a service for cloud will need trust frameworks and APIs, ensuring robust enrolment, and supporting federated authentication with appropriate levels of assurance. There will be many components that have to work end-to-end and be considered at an early stage in the design process. Identity is at the root of who we are as individuals when it comes to matters of trust, says Gareth Niblett, Chair of the BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION doi:10.1093/itnow/bwv066©2015TheBritishComputerSocietyImage:Thinkstock IDENTITY September 2015 ITNOW 23

×