Eema estonia matthew_gardiner


Published on

EEMA Identity Management Conference in Estonia June 2011

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Eema estonia matthew_gardiner

  1. 1. when title <br />IS NOT a question<br />there is NO ‘WE CAN’in the box<br />The European e-Identity Management Conference<br />Which One is Not Like the Others <br />A Comparison of Open Identity Initiatives from Governments Around the World<br />Matthew Gardiner, CA Technologies<br />June 8th, 2011<br />
  2. 2. Which One is Not Like the Other is a Fun Game!<br />
  3. 3. Joe’s Fish Market.Com<br />Tropical, Fresh Water, Shell Fish, Lobster,Frogs, Whales, Seals, Clams<br />Simple reminder why we are hereIdentity was never designed into the Internet <br />3<br />
  4. 4. All Governments Face This Challenge As WellOne Citizen & Many eGov. Applications<br />Law Enforcement<br />Student Loans<br />Health Care<br />Pensions<br />Social Welfare<br />Courts<br />Tax<br /> Military<br />
  5. 5. Significant Innovation is Happening in this AreaInternet Boundaries are Being Pushed!<br />
  6. 6. Many Identity-Centric Government Initiatives Happening Around the World <br />
  7. 7. These Programs Raise Fundamental Questions<br />Centralized .vs. decentralized solutions<br />Internet is global, sovereign boundaries are not<br />Proper role of government<br />Compulsory .vs. optional participation<br />Online crime<br />Prevention .vs. Enforcement<br />Scope of the solution<br />Government use only or enabling private online commerce as well?<br />Trust in government<br />Who should pay for the solution & how much?<br />Role & level of control for the user<br />
  8. 8. One Way to Compare the Government Approaches<br />
  9. 9. Quick Facts<br />5 Million delivered & 80+SPs certified (30 in production)<br />30%-40% are “switched-on” for online identification<br />Advantages<br />Dual use – physical + virtual – aides value proposition<br />Explicit user consent during online usage increases confidence<br />Compulsory possession increases ubiquity (ultimately) at least in Germany<br />Disadvantage<br />Tight application (SP) controls will reduce SP uptake<br />Card reader dependence is challenging for users<br />Current online experience is clunky<br />Government involvement in private commerce<br />Takeway<br />Effective to facilitate large scale German & European eGov. transactions, but hard to envision operating at Internet scale for private commerce<br />GermanyNeuePersonalausweis<br />
  10. 10. New Zealandigovt Service<br />Quick Facts<br />igovt verification & igovt logon are complementary, but separate services<br />Logon support uid/password & OTP via text or hard tokens<br />220K accounts, 1.25M logons to date, 23 agencies connected<br />Advantages<br />Simple for user - Single service for all government access<br />No cost to the user<br />Agencies reduce identity management costs<br />Has verified attributes – name, date of birth, place of birth, sex<br />Disadvantage<br />Doesn’t address commercial application access<br />Is there a killer application from the user’s point of view to increase usage?<br />Takeaway<br />Valuable service to ease access to eGov applications, with prospect of bridging into commercial applications<br />
  11. 11. USAFICAM/NSTIC<br />Quick Facts<br />FICAM – Government wide initiative to improve identity management<br />Policies support the use of 3rd-party identity providers<br />NSTIC - Presidential initiative to make online transactions more secure for businesses & consumers by catalyzing an identity ecosystem<br />Advantages<br />Leverage the reduced cost & increased convenience of 3rd-party identity providers<br />Lots of choices for users, participation totally optional for all<br />Flexible on security, usability, & cost<br />Disadvantage<br />Trying to take on the whole Internet identity problem all at once - complex<br />Not clear that a real marketplace will be catalyzed<br />Will agencies be innovative enough (Invest $) to move this forward?<br />Takeaway<br />Very big vision, impact could be profound or non-existent<br />
  12. 12. How to get this to Internet Scale?People will need multiple authentication providers<br />For Different contexts & Different levels of assurance<br />Social Networks<br />Educational Institutions<br />Financial Institutions<br />Governments<br />Industry Consortia<br />Employers<br />Credit Bureaus<br />Professional<br />Associations<br />
  13. 13. Government’s should focus on enabling access to their eGov applications <br />Spillover to commercial transactions can come as the marketplace matures<br />Role of government online should remain consistent with role of government offline<br />Users will not have a single online identity provider<br />Not practical for Internet scale usage<br />User’s key attributes are not held by a single organization<br />Watch for the use of Trust frameworks to help catalyze this market by making trust establishment more real-time<br /><br />Takeaways<br />
  14. 14. thank you<br />
  15. 15. For Everyone<br />Critical mass of high-demand online services <br />Use of standards & interoperability, <br />Trust frameworks & certified identities to automate trust establishment<br />For IdPs<br />Money for their services<br />Limitation on liability<br />Confidence of good behavior by RPs<br />For RPs<br />Competitive choice of IdPs, Understanding that identity verification costs real money & can be outsourced<br />For user<br />Choice, Privacy respecting, Portability of identities between communities<br />What is needed for this market to takeoff?<br />