This presentation discusses the installation of WSO2 Identity Server and homogenization of various user stores in the municipality of Heraklion Crete in Greece. The presenter explains the situation that existed before the implementation, where there were multiple and heterogeneous per application user management solutions, problems that occurred, and how they solved them. The presenter also talks about how they managed to prepare the municipality in order to be General Data Protection Regulation (GDPR) compliant, giving them the tools to create a dashboard with users data where they were able to stay informed and updated.

1. ITDT Services Solutions Architect, ITDT
GDPR Compliance and IAM Services in a
European Municipality
Panagiotis Kranidiotis

2. ● The previous situation of Heraklion City
● The proposed solution
● Lessons learned
● Benefits for municipalities by using WSO2 Identity Server
● About IT Digital Transformation
Abstract

3. City of Heraklion Crete

4. ● Administrative capital of the
island of Crete
● 4th largest city in Greece
104,730 citizens
● 3Μ tourists every year
● Awarded as one of 21 Word’s
Smart Communities in 2014
● Basement of University of
Crete
City of Heraklion Crete

5. ● Web portal with more than 6000
users
● Case management system for 700
employees
● Email based on Postfix and Horde
● Mobile applications for citizens
● Epayment gateway
● Varius Wordpess sites
IT infrastructure

6. ● Unique users profile
● GDPR compliance
● Unify the authentication process
● Provide new options of authentication
Identity Management Target

7. ● University of Crete – Applications
Migration
● NTUA Institute of Communication
and Computer Systems – LDAP
● IT Digital Transformation Services –
Identity Management
The team

8. ● Creation of a new LDAP infrastructure based on Open LDAP
● Users migration from portal’s database and other applications
● Creation of IdM infrastructure based on WSO2 Identity Server
● Use of national Identity Provider for advanced security services
● Migration of applications to SAML2 and Oauth2 Authentication
Proposed solution

9. ● GDPR ready
● Centralized identity
● Various type of userstores
● Various options of inbound authentication types SAML2, OAUTH2 ,
JWT etc
● Self registration
● Fully open source
● Option of vendor support
Why WSO2 Identity Server?

10. ● Single handling of users
● Self-care users portal. Access, rectify, consent revocation, data
portability
● Consent management
● Strong authentication
GDPR compliance achieved?

11. ● Users migration from various userstore is a painfull procedure
● WSO2 is a great platform to create custom solutions keeping the core
solution stable
● React or other mainstream javascript could be a better option for UI
components
Lessons learned

12. ● Add more municipality applications to Identity Management platform
● Deployment on other municipalities in Crete
● Exchange of users with municipalities, universities, prefecture
● Use of Identity management infrastructure to private companies.
Create loyalty schemes
● Eponymous Online intergration
Next steps

13. ● Unique identity experience for public servants and citizens
● Single way of authentication. Reduced cost of development in new
applications
● Sharing identities with other private and public sector authorities and
the academia
● Easy GDPR compliance
● EIDAS ready. From 29th of Semtember 2018 compulsory for public
administrations
Benefits for municipalities

14. IT Digital Transformation Ltd is a company
based in Cyprus with customers at the
moment in Cyprus, Greece and the Balkans.
Company provides digital transformation
solutions based in WSO2 products, especially
in WSO2 Identity Management.
About ITDT

15. THANK YOU
wso2.com