Title: Entitlement Managing Identity Assurance Declan RossThomas, Strategic Development Manager 8th Decembe
1Entitlement Managing Identity AssuranceDeclan
Ross-Thomas, Strategic Development Manager8th
December 2005
2Integrated Security Identity
Is a basic need for all of us
3An Integrated Approach to Security Identity
Area ofInterest
Intelligence
4An Integrated Approach to Security Identity
Area ofInterest
5An Integrated Approach to Security Identity
Area ofInterest
6An Integrated Approach to Security Identity
Area ofInterest
7Components of Identity
- This is
- referencable
- a statistical average
- Best known intelligence
- These are needed for
- encryption
- SLAVE
This is the Master Identity
8Identity Management, Entitlement, Trust
9What does this mean?
- Having effective solutions, efficiently managed
- Knowing who the customer is
- Identifying who is entitled
- Assessing entitlement
- - Citizen and Subject
- - Untangling the web of inter-dependency
- What are the needs ?
- Appropriate, required, needed, desirable
- Needs assessment can be taxing -
pseudonomisation (epidemiology)
anonymisation (e-voting) - Anonymity is pervasive and a significant
source of inefficiency as well
as a
serious threat - Privacy and anonymity
10Find the common denominator . . .
and identity and entitlement is assured
Degree of difficulty
Low
UnableUnwillingDisenfranchised
Compliant Interactive Standardisedrequirements
Too busyNot inclinedMobile
High
Focus on patterns of abnormal behaviour
Population 100
Enabling efficient management of
resources to manage by exception
11Factors influencing the model
- Balancing risk reward
- e.g. access vs. risk of fraud
- Aligning processes to people and their needs,
evolving bureaucratic and legacy infrastructure - e.g. adapting to the digital economy
- Intelligence lead service delivery and resource
alignment - e.g. immigration affecting demographics in a
given location - Data sharing and issues of transparency its
all about trust
12Whats the Government saying?
Are there levels of trust?
- No confidence is placed in the asserted real
world identity of the client or no real-world
identity is asserted
- On the balance of probabilities, the registrants
real-world identity is verified
- There is substantial assurance that the
registrants real-world identity is verified
- The registrants real-world identity is verified
beyond reasonable doubt
(definitions courtesy of the UK Government,
Office of the E-Envoy)
13The issue is one of Trust
- The challenges
- Trust Is a human behaviour confidence is a key
factor trust has to be earned its hard to
inherit information hiding is a barrier to
trust, its difficult to trust what we cannot see
or understand - Trust is not easily learnt by technology
technology is rules based (not intuitive) - Integration of Information Assurance with
Business Processes (Identity Assurance) - The CSFs (The Safeguards)
- Transparency is crucial to enabling trust - we
must give people the reason to trust the
information systems that process their personal
data - Provide for their Subject Access Requests under
DPA - Provide for their General Access Requests under
FOI - The result
- The absence of Identity Assurance makes us
inefficient and much less effective than we
should be (less trusting)
The absence of Identity Assurance is a
REAL threat to the evidential
chain
14Focus on the KPI . . . the citizen
- Clear policies
- Its about people
- Technology that enables people to make informed
judgements to trust - Measurable benefits driven Key Performance
Indicators - It is difficult to measure what we do not know?
- Shared objectives
- Between entities (organisations people) is a
key requirement - Service orientated architectures
- Socio-technical solutions
- Data quality
- make people responsible for their personal data
(i.e the data owners) - Involve people in the ownership of their personal
information - Optimise working solutions, dont design
optimised solutions - Identity theft is the modern e-pidemic its
out of control)
Entitlement and Identity Assurance are key to
efficient e-services
15Summary
Entitlement and Identity Assurance are key to
efficient e-services
The absence of Identity Assurance is a REAL
threat to the evidential chain
Efficiency is a function of effectiveness
Mapping of Real World Identities to Digital
Credentials
Enabling efficient management of resource to
manage by exception
16Any Questions
Speaker Declan Ross-Thomas Siemens Business
Services
17(No Transcript)