SlideShare a Scribd company logo

Government's Role in Digital Identity Management

•Download as PPTX, PDF•
•
Don Lovett
Don Lovett

Explore the intersection of identity management, government roles and responsibility, and personal control of digital identity. Introduces some of the Linux Foundation work in the Hyperledger Aries Project

Presentations & Public Speaking
1 of 40
The Role of Government in Identity Management Don Lovett don@projectbits.com Ottawa Cyber Security Meetup Tuesday, February 16, 2021
The Bottom Line 2
Today’s Agenda 1. What is the role of Government? 2. Where does trust fit in? 3. Digital Identity is broken, poor Authorization, Authentication, and Access practices weaken cybersecurity 4. What can be done? 5. How can government play a role? Let’s dive in 3
How Do Individuals and Governments Fit Together? Society Individual NGO Academic Religious Commercial Government 4
Economy Acceleration 'As proven in Canada, a digital ID ecosystem is not only a motor to connect people, governments and the private sector in a trusted and transparent way – but it also accelerates participation in the economy, work and mobility’ —Vidya ShankarNarayan, Assistant Deputy Minister and CIO, Agriculture and Agri-Food Canada and previously Director General, Digital Government Source: https://www.weforum.org/agenda/2021/01/davos-agenda-digital-identity- frameworks 5
The Why McKinsey - Digital identification: A key to inclusive growth • https://www.mckinsey.com/business- functions/mckinsey-digital/our- insights/digital-identification-a-key-to- inclusive-growth 6
McKinsey – Economic Value Follow the money “In 2030, digital ID has the potential to create economic value equivalent to 6 percent of GDP in emerging economies on a per-country basis and 3 percent in mature economies, assuming high levels of adoption” Source: https://www.mckinsey.com/business-functions/mckinsey- digital/our-insights/digital-identification-a-key-to-inclusive-growth 7
What is the Role and Authority of Government? Rights of Government and of Citizens Foundation Principals from mid 17th century Philosopher John Locke Life, Liberty and the Pursuit of …? Happiness? Property? Privacy, Security, and Confidentiality Protections Source: https://www.earlymoderntexts.com/assets/pdfs/locke1689a.pdf 8
What Services does the Government Provide? How many services require identity? Source: https://www.usa.gov/ 9
What can Individuals Do to Balance Privacy and Convenience? 10
How do Governments interact with Individuals? Privacy Warning Who are you? What are you? Where are you? How Are You? 11
Primary Government Roles in Identity Issue Proof Documents Permissions and Authorizations and Promote Standards 01 Secure and Validate Credentials and Claims 02 Record Certain Life Events 03 Confirm Access to Benefits and Entitlements 04 Establish Trust in Proofs and Claims while Protecting Privacy 05 12
Establishing Trust How we make trust decisions? Technology • Is it a legitimate representation? Governance • Is the source of the representation trustworthy? • Where does their authority come from? • Do they have trusted processes? Source: https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 13
Government Case Study Government issues many types of permissions and authorizations Foundational Issuances • Birth, Death Certificates • Legal Entities Registrations • Land Registration Hundreds of others grounded in foundational credentials • Health, Drivers Licenses, Education, Social Services, etc. • Business licensing, Natural Resources, Climate, etc. Economy is underpinned by Government https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 14
The Trust Machine The blockchain lets people who have no particular confidence in each other collaborate without having to go through a neutral central authority. Simply put, it is a machine for creating trust. Source: https://www.economist.com/leaders/2015/10/31/the-trust-machine 15
Government Attempts – Old Challenges Government Service Delivery Many efforts, over the years, to find a way to deliver a simple approach for businesses faced with a multiservice/jurisdiction journey • None have succeeded at any scale (more than a few services) • Economy and Government services are constantly changing • Our governance model is aligned to In-Person trust All these services have one thing in common … Source: https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 16
Digital Identity The Missing Foundational Piece of Digital in Transformation Efforts 17
Self- sovereign identity (SSI): The true password killer How can we make security more convenient? • While SSO and 2FA are great improvements over traditional, centralized usernames and passwords, they still don’t let us have our cake and eat it too — that is, they don’t give us both security and convenience. • But there’s an emerging technology that does. It’s called self- sovereign identity (SSI). Source: https://www.securitymagazine.com/articles/93356-self-sovereign-identity-the-true-password-killer 18
Self Sovereign Identity (SSI) Credential Flow Self-sovereign identity in the context of data protection and privacy (yourstory.com) The How Government Roles: Government issues holds and verifies credentials and claims SSI allows cryptographic integrity 19
OrgBook BC A success story • https://orgbook.gov.bc.ca/en/home About OrgBook BC This new service uses cutting-edge blockchain-based technology, which provides the foundation to help BC move to a digital economy. OrgBook BC supports our goal to streamline and modernize services for British Columbians as part of our broader Digital Government Strategy. 20
How Can I get involved? Linux Foundation Identity • https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS172x+3T2019/course/ • https://training.linuxfoundation.org/ • https://www.linuxfoundation.org/ 21
Call to Action Think about control and ownership of identity and how it can enhance your cybersecurity footprint Think about Demand to know where your personal information is going and how it is stored Demand Find Out what your identity information is being used for Find out Learn more about identity tools and processes including Self Sovereign Identity Learn 22
The Bottom Line 23
Questions? 24
Appendix Additional Information 25
Self Sovereign Identity implementations • Just a few of the SSI implementations that were launched in 2020 or are pending launch in early 2021 include: • IATA Travel Pass will be the first verifiable credential capable of providing proof of COVID-19 test and vaccination status at airports around the world, • NHS Staff Passport is the first portable digital identity credential for doctors and nurses in one of the largest public healthcare networks in the world, • GLEIF (the Global Legal Entity Identifier Foundation), based in Switzerland and the only global online source that provides open, standardized and high quality legal entity reference data, is committed to following the SSI model for digital identity credentials for companies. • SSI4DE, co-funded by the German Federal Ministry of Economic Affairs, supports showcases for secure digital identities in Germany, and Chancellor Angela Merkel declared digital identity as a priority matter during December 2020. • CULedger MemberPass brings SSI to financial services with Credit Union customer identity verification, • Farmer Connect is realizing is vision to “Humanize consumption through technology” by enabling and empowering individual coffee farmers to more easily work with global enterprises, and reducing costs and inefficiencies for large companies to work directly with small and often remote farmers. • Lumedic Exchange is the first network designed exclusively for patient-centric exchange of healthcare data using SSI-based verifiable credentials. Source: https://sovrin.org/2020-how-ssi-went-mainstream/ 26
Government Blockchain Association Source: https://www.gbaglobal.org/ 27
ACT-IAC Source: https://www.actiac.org/hot-topics/blockchain American Council for Technology and Industry Advisory Council 28
More Information https://sovrin.org/developers/ Video The Sovrin Network- Making Self-Sovereign Identity a Reality • https://vimeo.com/305420834 Trust over IP • https://wiki.trustoverip.org/display/HOME/Trust+Over+IP+Fou ndation Books • https://www.manning.com/books/self-sovereign-identity • https://www.anthempress.com/the-domains-of-identity-pb Courses • https://digitaldefynd.com/best-hyperledger-fabric-courses/ 29
Digital Identification and Authentication Council of Canada - DIACC • Interoperability: Digital Identity You Can Use • The DIACC is committed to unlocking economic opportunities for Canadian consumers, and businesses by providing the framework to develop a robust, secure, scalable and privacy-enhancing digital identification and authentication ecosystem that will decrease costs for everyone while improving service delivery and driving GDP growth. • The DIACC Trust Framework Expert Committee (TFEC) represents a diversity of public and private sector stakeholders who collaborate to deliver resources that help to solve and secure identity including: validated use cases, standards, model agreements, international alignments, and informative policy development recommendations. https://diacc.ca/the-diacc/
NIST - Identity and Access Management Roadmap OMB Policy Memo M-19-17 assigned the Department of Commerce (NIST) the responsibility to publish and maintain a roadmap for developing new and updating existing NIST guidance related to Identity and Access Management (ICAM). NIST Information Technology Laboratory will publish and update this Roadmap at the NIST Identity and Access Management Resource Center. The Roadmap presents milestone activities, projected activity completion dates by fiscal year quarter, and explanatory notes for the following activities: NIST Special Publication 800-63 NIST SP 800-63-3 Implementation Resources NIST SP 800-63A and SP 800-63B Conformance Criteria NIST Special Publication 800-63 Revision 4 Personal Identity Verification (PIV) Guidance (FIPS 201 Revision3) NCCOE Identity Projects https://www.nist.gov/topics/identity-access-management/identity-and- access-management-roadmap 31
What is needed? https://www.evernym.com/blog/the-three-pillars-of- self-sovereign-identity/ 30
OrgBook BC 31
GreenLight Orgbook This new service is a decentralized workflow application - a mapping tool - that helps you navigate the sometimes tricky license and permit process. It uses cutting-edge blockchain technology to show you not only the steps to getting your permit or license, but more importantly, the interdependencies that might be involved. Using a colour-coded flow diagram, GreenLight helps you build up the credentials you need to get the "green light" to operate! Source: https://dev-greenlight.orgbook.gov.bc.ca/ 32
Estonia Already Lives Online Once they’re in the system, Estonians don’t need to fill out forms, thanks to the country’s “once-only” rule, which mandates that the government is allowed to ask for any given piece of information only one time. Authenticated digital signatures are also more secure than their handwritten counterparts, a source of bemusement to Estonians, who “think it’s crazy that much of the world still signs with a pen,” Source: https://www.theatlantic.com/international/archive /2020/05/estonia-america-congress-online- pandemic/612034/ 33
Connection Points – World Economic Forum Source: https://intelligence.weforum.org/topics/a1G0X000005JJGcUAO?tab=publications 34
New Risks Source: https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf 35
Tell Us Once - UK Government Availability: • Not released Published by: • Department for Work and Pensions Last updated: • 12 December 2013 Topic: • Society License: • None Summary • Tell Us Once is a service which allows people to report a birth or death to most government organizations in one go. • The Tell Us Once Database records details of the life event and the information recorded can include the data of • birth or death, Names, National Insurance Number, Driving License and Passport details. • Information is held for a maximum of 35 days then deleted. Source: https://data.gov.uk/dataset/fb4b924c-7a42-433a-8280- 78a924a00a94/tell-us-once 36
New Approach Source: https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf 37
Don Lovett Bio Mr. Lovett is a Business and Technology Leader who is passionate about the promise of Sovereign Identity. He recently served as the Chief Information Officer (CIO) in the Office of Contracting and Procurement Agency, which annually procures $5.7 billion of goods and services for the District of Columbia Government. In this leadership role, he activated a digital transformation strategy with a focus on linking improvements in data accuracy, security, accessibility, and transparency to improvements in customer experience. Mr. Lovett was the Founder and Principal Consultant at ProjectBits Consulting, where he provided Public Sector, Hi-Tech, Telecom, Financial Services, Manufacturing, and Distribution clients with business and technology solutions and advice. Before that, he had a decade-long career at KPMG where he was admitted to the Partnership. Mr. Lovett has a Master’s Degree in Business Administration (MBA) from the University of Houston and a Bachelor’s in Accounting from the University of Houston. He served as an affiliate faculty member at Regis University for 5 years teaching graduate-level students in organizational and operational aspects of project management. He has earned graduate- level certificates in Software Engineering from the University of Texas and Telecommunications Management from the University of Dallas. He also holds SSCP, CSM, and PMP designations. Don Lovett don@projectbits.com 703-434-1660 Mobile https://www.linkedin.com/in/donlovett/ 38

Recommended

Privileged Account Management - Keep your logins safe
Privileged Account Management - Keep your logins safePrivileged Account Management - Keep your logins safe
Privileged Account Management - Keep your logins safeJens Albrecht
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ definedEnterprise Technology Management (ETM)
 
GDPR
GDPRGDPR
GDPRRajivarnan R
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuideAlienVault
 
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Aggregage
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Wendy Knox Everette
 
A Case Study on Payment Card Industry Data Security Standards
A Case Study on Payment Card Industry Data Security StandardsA Case Study on Payment Card Industry Data Security Standards
A Case Study on Payment Card Industry Data Security StandardsVictor Oluwajuwon Badejo
 

Recommended

Privileged Account Management - Keep your logins safe
Privileged Account Management - Keep your logins safePrivileged Account Management - Keep your logins safe
Privileged Account Management - Keep your logins safeJens Albrecht
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ definedEnterprise Technology Management (ETM)
 
GDPR
GDPRGDPR
GDPRRajivarnan R
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuideAlienVault
 
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Aggregage
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Wendy Knox Everette
 
A Case Study on Payment Card Industry Data Security Standards
A Case Study on Payment Card Industry Data Security StandardsA Case Study on Payment Card Industry Data Security Standards
A Case Study on Payment Card Industry Data Security StandardsVictor Oluwajuwon Badejo
 
Data Driven Security in SSAS
Data Driven Security in SSASData Driven Security in SSAS
Data Driven Security in SSASMike Duffy
 
PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS ReportingPCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS ReportingAlienVault
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud ApplicationsIBM Security
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016Karla Sasser, CPA CITP, CIA, CGMA
 
OmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoOmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoJonathan Eubanks
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webDerrick McBreairty
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditSecurityMetrics
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Requirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS CompliantRequirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS CompliantOlivia Grey
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Wendy Knox Everette
 
Digital Guardian and CDM
Digital Guardian and CDMDigital Guardian and CDM
Digital Guardian and CDMGreg Cranley
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage PreventionMicrosoft TechNet - Belgium and Luxembourg
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Ulf Mattsson
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytestingThilak Pathirage -Senior IT Gov and Risk Consultant
 
One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017Guy Huntington
 
Studi teknologi blockchain pwc
Studi teknologi blockchain pwcStudi teknologi blockchain pwc
Studi teknologi blockchain pwcRein Mahatma
 

More Related Content

What's hot

Data Driven Security in SSAS
Data Driven Security in SSASData Driven Security in SSAS
Data Driven Security in SSASMike Duffy
 
PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS ReportingPCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS ReportingAlienVault
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud ApplicationsIBM Security
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
OmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoOmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoJonathan Eubanks
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditSecurityMetrics
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Requirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS CompliantRequirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS CompliantOlivia Grey
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Wendy Knox Everette
 
Digital Guardian and CDM
Digital Guardian and CDMDigital Guardian and CDM
Digital Guardian and CDMGreg Cranley
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Ulf Mattsson
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
 

What's hot (20)

Data Driven Security in SSAS
Data Driven Security in SSASData Driven Security in SSAS
Data Driven Security in SSAS
 
PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS ReportingPCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011
 
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
 
OmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoOmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance Info
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_web
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS Audit
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
Requirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS CompliantRequirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
Requirements and Security Assessment Procedure for C7 To Be PCI DSS Compliant
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabia
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
 
Digital Guardian and CDM
Digital Guardian and CDMDigital Guardian and CDM
Digital Guardian and CDM
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton Chuvakin
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytesting
 

Similar to Government's Role in Digital Identity Management

One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017Guy Huntington
 
Studi teknologi blockchain pwc
Studi teknologi blockchain pwcStudi teknologi blockchain pwc
Studi teknologi blockchain pwcRein Mahatma
 
Citizen Digital Identity: Enabling and empowering individuals and institutions
Citizen Digital Identity: Enabling and empowering individuals and institutionsCitizen Digital Identity: Enabling and empowering individuals and institutions
Citizen Digital Identity: Enabling and empowering individuals and institutionsConor Bronsdon
 
Accessibility 101 for Financial Institutions
Accessibility 101 for Financial Institutions Accessibility 101 for Financial Institutions
Accessibility 101 for Financial Institutions 3Play Media
 
Kantara Workshop at CIS
Kantara Workshop at CISKantara Workshop at CIS
Kantara Workshop at CISkantarainitiative
 
Iot privacy vs convenience
Iot privacy vs convenienceIot privacy vs convenience
Iot privacy vs convenienceDon Lovett
 
Digital id-toolkit-for-africa-2014
Digital id-toolkit-for-africa-2014Digital id-toolkit-for-africa-2014
Digital id-toolkit-for-africa-2014Dr Lendy Spires
 
David shrier, weige wu, alex pentland mit blockchain
David shrier, weige wu, alex pentland mit blockchainDavid shrier, weige wu, alex pentland mit blockchain
David shrier, weige wu, alex pentland mit blockchainIT Strategy Group
 
Another top 5 industries that stand to benefit most from blockchain by venk...
Another top 5 industries that stand to benefit most from blockchain by venk...Another top 5 industries that stand to benefit most from blockchain by venk...
Another top 5 industries that stand to benefit most from blockchain by venk...venkatvajradhar1
 
Introduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityIntroduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityKaryl Fowler
 
Identity progress-linked-digital-world
Identity progress-linked-digital-worldIdentity progress-linked-digital-world
Identity progress-linked-digital-worldMEDICI
 
The Present and Future of Blockchain and AI by Dinis Guarda
The Present and Future of Blockchain and AI by Dinis GuardaThe Present and Future of Blockchain and AI by Dinis Guarda
The Present and Future of Blockchain and AI by Dinis GuardaDinis Guarda
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSISSIMeetup
 
Public Sector Profile of the Pan-Canadian Trust Framework
Public Sector Profile of the Pan-Canadian Trust FrameworkPublic Sector Profile of the Pan-Canadian Trust Framework
Public Sector Profile of the Pan-Canadian Trust FrameworkTim Bouma
 
Government as a platform: engaging the public with social media
Government as a platform: engaging the public with social mediaGovernment as a platform: engaging the public with social media
Government as a platform: engaging the public with social mediaPatrick McCormick
 
Building Digital Trust
Building Digital Trust Building Digital Trust
Building Digital TrustCA Technologies
 
Digital Transformation Business Evolution
Digital Transformation Business Evolution Digital Transformation Business Evolution
Digital Transformation Business Evolution Digital Catapult
 
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...MicheleNati
 
digital identity 2.0: how technology is transforming behaviours and raising c...
digital identity 2.0: how technology is transforming behaviours and raising c...digital identity 2.0: how technology is transforming behaviours and raising c...
digital identity 2.0: how technology is transforming behaviours and raising c...Patrick McCormick
 
Digital Asset Transfer Authority Bit license comment letter (21 10-14)
Digital Asset Transfer Authority Bit license comment letter (21 10-14)Digital Asset Transfer Authority Bit license comment letter (21 10-14)
Digital Asset Transfer Authority Bit license comment letter (21 10-14)DataSecretariat
 

Similar to Government's Role in Digital Identity Management (20)

One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017
 
Studi teknologi blockchain pwc
Studi teknologi blockchain pwcStudi teknologi blockchain pwc
Studi teknologi blockchain pwc
 
Citizen Digital Identity: Enabling and empowering individuals and institutions
Citizen Digital Identity: Enabling and empowering individuals and institutionsCitizen Digital Identity: Enabling and empowering individuals and institutions
Citizen Digital Identity: Enabling and empowering individuals and institutions
 
Accessibility 101 for Financial Institutions
Accessibility 101 for Financial Institutions Accessibility 101 for Financial Institutions
Accessibility 101 for Financial Institutions
 
Kantara Workshop at CIS
Kantara Workshop at CISKantara Workshop at CIS
Kantara Workshop at CIS
 
Iot privacy vs convenience
Iot privacy vs convenienceIot privacy vs convenience
Iot privacy vs convenience
 
Digital id-toolkit-for-africa-2014
Digital id-toolkit-for-africa-2014Digital id-toolkit-for-africa-2014
Digital id-toolkit-for-africa-2014
 
David shrier, weige wu, alex pentland mit blockchain
David shrier, weige wu, alex pentland mit blockchainDavid shrier, weige wu, alex pentland mit blockchain
David shrier, weige wu, alex pentland mit blockchain
 
Another top 5 industries that stand to benefit most from blockchain by venk...
Another top 5 industries that stand to benefit most from blockchain by venk...Another top 5 industries that stand to benefit most from blockchain by venk...
Another top 5 industries that stand to benefit most from blockchain by venk...
 
Introduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityIntroduction to Self-Sovereign Identity
Introduction to Self-Sovereign Identity
 
Identity progress-linked-digital-world
Identity progress-linked-digital-worldIdentity progress-linked-digital-world
Identity progress-linked-digital-world
 
The Present and Future of Blockchain and AI by Dinis Guarda
The Present and Future of Blockchain and AI by Dinis GuardaThe Present and Future of Blockchain and AI by Dinis Guarda
The Present and Future of Blockchain and AI by Dinis Guarda
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSI
 
Public Sector Profile of the Pan-Canadian Trust Framework
Public Sector Profile of the Pan-Canadian Trust FrameworkPublic Sector Profile of the Pan-Canadian Trust Framework
Public Sector Profile of the Pan-Canadian Trust Framework
 
Government as a platform: engaging the public with social media
Government as a platform: engaging the public with social mediaGovernment as a platform: engaging the public with social media
Government as a platform: engaging the public with social media
 
Building Digital Trust
Building Digital Trust Building Digital Trust
Building Digital Trust
 
Digital Transformation Business Evolution
Digital Transformation Business Evolution Digital Transformation Business Evolution
Digital Transformation Business Evolution
 
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...
UNICOM Conference on Digital Transformation - The Trust Framework Initiative ...
 
digital identity 2.0: how technology is transforming behaviours and raising c...
digital identity 2.0: how technology is transforming behaviours and raising c...digital identity 2.0: how technology is transforming behaviours and raising c...
digital identity 2.0: how technology is transforming behaviours and raising c...
 
Digital Asset Transfer Authority Bit license comment letter (21 10-14)
Digital Asset Transfer Authority Bit license comment letter (21 10-14)Digital Asset Transfer Authority Bit license comment letter (21 10-14)
Digital Asset Transfer Authority Bit license comment letter (21 10-14)
 

Recently uploaded

OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...NETWAYS
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...NETWAYS
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxFamilyWorshipCenterD
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfakankshagupta7348026
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrsaastr
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@vikas rana
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...NETWAYS
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...NETWAYS
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 

Recently uploaded (20)

OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdf
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )
WhatsApp đź“ž 9892124323 âś…Call Girls In Juhu ( Mumbai )
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur fĂĽr Container und Kubern...
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 

Government's Role in Digital Identity Management

  • 1. The Role of Government in Identity Management Don Lovett don@projectbits.com Ottawa Cyber Security Meetup Tuesday, February 16, 2021
  • 3. Today’s Agenda 1. What is the role of Government? 2. Where does trust fit in? 3. Digital Identity is broken, poor Authorization, Authentication, and Access practices weaken cybersecurity 4. What can be done? 5. How can government play a role? Let’s dive in 3
  • 4. How Do Individuals and Governments Fit Together? Society Individual NGO Academic Religious Commercial Government 4
  • 5. Economy Acceleration 'As proven in Canada, a digital ID ecosystem is not only a motor to connect people, governments and the private sector in a trusted and transparent way – but it also accelerates participation in the economy, work and mobility’ —Vidya ShankarNarayan, Assistant Deputy Minister and CIO, Agriculture and Agri-Food Canada and previously Director General, Digital Government Source: https://www.weforum.org/agenda/2021/01/davos-agenda-digital-identity- frameworks 5
  • 6. The Why McKinsey - Digital identification: A key to inclusive growth • https://www.mckinsey.com/business- functions/mckinsey-digital/our- insights/digital-identification-a-key-to- inclusive-growth 6
  • 7. McKinsey – Economic Value Follow the money “In 2030, digital ID has the potential to create economic value equivalent to 6 percent of GDP in emerging economies on a per-country basis and 3 percent in mature economies, assuming high levels of adoption” Source: https://www.mckinsey.com/business-functions/mckinsey- digital/our-insights/digital-identification-a-key-to-inclusive-growth 7
  • 8. What is the Role and Authority of Government? Rights of Government and of Citizens Foundation Principals from mid 17th century Philosopher John Locke Life, Liberty and the Pursuit of …? Happiness? Property? Privacy, Security, and Confidentiality Protections Source: https://www.earlymoderntexts.com/assets/pdfs/locke1689a.pdf 8
  • 9. What Services does the Government Provide? How many services require identity? Source: https://www.usa.gov/ 9
  • 10. What can Individuals Do to Balance Privacy and Convenience? 10
  • 11. How do Governments interact with Individuals? Privacy Warning Who are you? What are you? Where are you? How Are You? 11
  • 12. Primary Government Roles in Identity Issue Proof Documents Permissions and Authorizations and Promote Standards 01 Secure and Validate Credentials and Claims 02 Record Certain Life Events 03 Confirm Access to Benefits and Entitlements 04 Establish Trust in Proofs and Claims while Protecting Privacy 05 12
  • 13. Establishing Trust How we make trust decisions? Technology • Is it a legitimate representation? Governance • Is the source of the representation trustworthy? • Where does their authority come from? • Do they have trusted processes? Source: https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 13
  • 14. Government Case Study Government issues many types of permissions and authorizations Foundational Issuances • Birth, Death Certificates • Legal Entities Registrations • Land Registration Hundreds of others grounded in foundational credentials • Health, Drivers Licenses, Education, Social Services, etc. • Business licensing, Natural Resources, Climate, etc. Economy is underpinned by Government https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 14
  • 15. The Trust Machine The blockchain lets people who have no particular confidence in each other collaborate without having to go through a neutral central authority. Simply put, it is a machine for creating trust. Source: https://www.economist.com/leaders/2015/10/31/the-trust-machine 15
  • 16. Government Attempts – Old Challenges Government Service Delivery Many efforts, over the years, to find a way to deliver a simple approach for businesses faced with a multiservice/jurisdiction journey • None have succeeded at any scale (more than a few services) • Economy and Government services are constantly changing • Our governance model is aligned to In-Person trust All these services have one thing in common … Source: https://trustoverip.org/wp -content/uploads/sites/98/2020/05/toip_050520_primer.pdf 16
  • 17. Digital Identity The Missing Foundational Piece of Digital in Transformation Efforts 17
  • 18. Self- sovereign identity (SSI): The true password killer How can we make security more convenient? • While SSO and 2FA are great improvements over traditional, centralized usernames and passwords, they still don’t let us have our cake and eat it too — that is, they don’t give us both security and convenience. • But there’s an emerging technology that does. It’s called self- sovereign identity (SSI). Source: https://www.securitymagazine.com/articles/93356-self-sovereign-identity-the-true-password-killer 18
  • 19. Self Sovereign Identity (SSI) Credential Flow Self-sovereign identity in the context of data protection and privacy (yourstory.com) The How Government Roles: Government issues holds and verifies credentials and claims SSI allows cryptographic integrity 19
  • 20. OrgBook BC A success story • https://orgbook.gov.bc.ca/en/home About OrgBook BC This new service uses cutting-edge blockchain-based technology, which provides the foundation to help BC move to a digital economy. OrgBook BC supports our goal to streamline and modernize services for British Columbians as part of our broader Digital Government Strategy. 20
  • 21. How Can I get involved? Linux Foundation Identity • https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS172x+3T2019/course/ • https://training.linuxfoundation.org/ • https://www.linuxfoundation.org/ 21
  • 22. Call to Action Think about control and ownership of identity and how it can enhance your cybersecurity footprint Think about Demand to know where your personal information is going and how it is stored Demand Find Out what your identity information is being used for Find out Learn more about identity tools and processes including Self Sovereign Identity Learn 22
  • 26. Self Sovereign Identity implementations • Just a few of the SSI implementations that were launched in 2020 or are pending launch in early 2021 include: • IATA Travel Pass will be the first verifiable credential capable of providing proof of COVID-19 test and vaccination status at airports around the world, • NHS Staff Passport is the first portable digital identity credential for doctors and nurses in one of the largest public healthcare networks in the world, • GLEIF (the Global Legal Entity Identifier Foundation), based in Switzerland and the only global online source that provides open, standardized and high quality legal entity reference data, is committed to following the SSI model for digital identity credentials for companies. • SSI4DE, co-funded by the German Federal Ministry of Economic Affairs, supports showcases for secure digital identities in Germany, and Chancellor Angela Merkel declared digital identity as a priority matter during December 2020. • CULedger MemberPass brings SSI to financial services with Credit Union customer identity verification, • Farmer Connect is realizing is vision to “Humanize consumption through technology” by enabling and empowering individual coffee farmers to more easily work with global enterprises, and reducing costs and inefficiencies for large companies to work directly with small and often remote farmers. • Lumedic Exchange is the first network designed exclusively for patient-centric exchange of healthcare data using SSI-based verifiable credentials. Source: https://sovrin.org/2020-how-ssi-went-mainstream/ 26
  • 27. Government Blockchain Association Source: https://www.gbaglobal.org/ 27
  • 28. ACT-IAC Source: https://www.actiac.org/hot-topics/blockchain American Council for Technology and Industry Advisory Council 28
  • 29. More Information https://sovrin.org/developers/ Video The Sovrin Network- Making Self-Sovereign Identity a Reality • https://vimeo.com/305420834 Trust over IP • https://wiki.trustoverip.org/display/HOME/Trust+Over+IP+Fou ndation Books • https://www.manning.com/books/self-sovereign-identity • https://www.anthempress.com/the-domains-of-identity-pb Courses • https://digitaldefynd.com/best-hyperledger-fabric-courses/ 29
  • 30. Digital Identification and Authentication Council of Canada - DIACC • Interoperability: Digital Identity You Can Use • The DIACC is committed to unlocking economic opportunities for Canadian consumers, and businesses by providing the framework to develop a robust, secure, scalable and privacy-enhancing digital identification and authentication ecosystem that will decrease costs for everyone while improving service delivery and driving GDP growth. • The DIACC Trust Framework Expert Committee (TFEC) represents a diversity of public and private sector stakeholders who collaborate to deliver resources that help to solve and secure identity including: validated use cases, standards, model agreements, international alignments, and informative policy development recommendations. https://diacc.ca/the-diacc/
  • 31. NIST - Identity and Access Management Roadmap OMB Policy Memo M-19-17 assigned the Department of Commerce (NIST) the responsibility to publish and maintain a roadmap for developing new and updating existing NIST guidance related to Identity and Access Management (ICAM). NIST Information Technology Laboratory will publish and update this Roadmap at the NIST Identity and Access Management Resource Center. The Roadmap presents milestone activities, projected activity completion dates by fiscal year quarter, and explanatory notes for the following activities: NIST Special Publication 800-63 NIST SP 800-63-3 Implementation Resources NIST SP 800-63A and SP 800-63B Conformance Criteria NIST Special Publication 800-63 Revision 4 Personal Identity Verification (PIV) Guidance (FIPS 201 Revision3) NCCOE Identity Projects https://www.nist.gov/topics/identity-access-management/identity-and- access-management-roadmap 31
  • 34. GreenLight Orgbook This new service is a decentralized workflow application - a mapping tool - that helps you navigate the sometimes tricky license and permit process. It uses cutting-edge blockchain technology to show you not only the steps to getting your permit or license, but more importantly, the interdependencies that might be involved. Using a colour-coded flow diagram, GreenLight helps you build up the credentials you need to get the "green light" to operate! Source: https://dev-greenlight.orgbook.gov.bc.ca/ 32
  • 35. Estonia Already Lives Online Once they’re in the system, Estonians don’t need to fill out forms, thanks to the country’s “once-only” rule, which mandates that the government is allowed to ask for any given piece of information only one time. Authenticated digital signatures are also more secure than their handwritten counterparts, a source of bemusement to Estonians, who “think it’s crazy that much of the world still signs with a pen,” Source: https://www.theatlantic.com/international/archive /2020/05/estonia-america-congress-online- pandemic/612034/ 33
  • 36. Connection Points – World Economic Forum Source: https://intelligence.weforum.org/topics/a1G0X000005JJGcUAO?tab=publications 34
  • 38. Tell Us Once - UK Government Availability: • Not released Published by: • Department for Work and Pensions Last updated: • 12 December 2013 Topic: • Society License: • None Summary • Tell Us Once is a service which allows people to report a birth or death to most government organizations in one go. • The Tell Us Once Database records details of the life event and the information recorded can include the data of • birth or death, Names, National Insurance Number, Driving License and Passport details. • Information is held for a maximum of 35 days then deleted. Source: https://data.gov.uk/dataset/fb4b924c-7a42-433a-8280- 78a924a00a94/tell-us-once 36
  • 40. Don Lovett Bio Mr. Lovett is a Business and Technology Leader who is passionate about the promise of Sovereign Identity. He recently served as the Chief Information Officer (CIO) in the Office of Contracting and Procurement Agency, which annually procures $5.7 billion of goods and services for the District of Columbia Government. In this leadership role, he activated a digital transformation strategy with a focus on linking improvements in data accuracy, security, accessibility, and transparency to improvements in customer experience. Mr. Lovett was the Founder and Principal Consultant at ProjectBits Consulting, where he provided Public Sector, Hi-Tech, Telecom, Financial Services, Manufacturing, and Distribution clients with business and technology solutions and advice. Before that, he had a decade-long career at KPMG where he was admitted to the Partnership. Mr. Lovett has a Master’s Degree in Business Administration (MBA) from the University of Houston and a Bachelor’s in Accounting from the University of Houston. He served as an affiliate faculty member at Regis University for 5 years teaching graduate-level students in organizational and operational aspects of project management. He has earned graduate- level certificates in Software Engineering from the University of Texas and Telecommunications Management from the University of Dallas. He also holds SSCP, CSM, and PMP designations. Don Lovett don@projectbits.com 703-434-1660 Mobile https://www.linkedin.com/in/donlovett/ 38