1 / 21

“DigiD model” from studentchipcards to trust federations a story

“DigiD model” from studentchipcards to trust federations a story. Jaap Kuipers Stichting SURF kuipers@surf.nl EuroCAMP, Malaga, October 19 2006. attributes, acknowledgements. KPMG, IT auditor Dutch government computer centre, head of IT audit and security

mariaf
Download Presentation

“DigiD model” from studentchipcards to trust federations a story

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “DigiD model”from studentchipcards to trust federationsa story Jaap Kuipers Stichting SURF kuipers@surf.nl EuroCAMP, Malaga, October 19 2006

  2. attributes, acknowledgements • KPMG, IT auditor • Dutch government computer centre, head of IT audit and security • Rabobank, financial control computer centre • Sabbtical, IT in Africa • SURF Foundation, programme manager Identity management, trustfederations, standards • A lot of fun working together with SURFnet’s Bart Kerver, Klaas Wierenga, Maarten Koopmans, Ton Verschuren on IdM

  3. Mission • A nationwide authentication service • (inter)national trustfederations

  4. how ? • Look for strategic alliances • (Education with eGovernment, Healthcare, Business) • U-turn: help ourselves by helping others ( problem in eGov greater than in Education, others pay a fair share) • Education and research is not an island in the knowledge economy

  5. shared interests there is a clear need for horizontal initiatives in the field of authentication, payment systems and security provide a ‘breakthrough environment’ From Rethinking The European ICT Agenda

  6. History • 1996 Student chipcards, 15 MEuro later, lessons learned a hard way • Gigaport programme: pragmatic authentication with tools users already have (bankcards, SMS-OTP) • 2001 TrustSURF programme: from chipcard to authentication, to federations and standards • 2001 asked ECP.NL (eNetherlands group) to join the steering committee

  7. History • 2002 A-Select software, freedom of choise • e-OK framework for definition of levels of trust: Basic, Middle, High • 2003 Government programme “an Other Government” 65% services online by 2007 • 18-6-2003 13h. seminar on Finread standard: notion of proportional security presented by National Manifesto Group • 2 weeks later demo of A-Select at Social Insurance Bank • building the National Authentication Facility (NAV) • 24-06-2004 A-Select Open source software (mandatory for use within eGov)

  8. Many authentication tools

  9. Freedom of choise

  10. Growthpath PKI- government High Bank Chipkaart SMS-TANcode Middle SMS-passcode Password Low “ease of use” cost time AuthSP’s

  11. History • 1-12-2005 NAV renamed to DigiD • Public libraries in federation with A-Select • 2006 350.000 users for MyStudent loan using A-Select with SMS-on time passwords • 2006 1,3 mln account, signing 500.000 taxforms • 2007 6,5 mln users planned, mandatory use for taxforms • authentication high on agenda

  12. selling federations:passport metaphore helps

  13. DigiD-federation

  14. selling federations:Financial federation metaphore

  15. Parties involved Advisory board for A-Select open source: SURFnet Kennisnet (K-12 education) BKWI (Social security insurances) ICTU, (eGovernment) Interpay (Clearinghouse for banks) Diginotar (Digital Notary) En betrokkenheid van ABN AMRO, Rabobank, Openbare Bibliotheken, Alfa&Ariss

  16. Public libraries

  17. Healthcare • Academic hospital Leiden: Citrix with bankcards and RSA-calculator for strong authentication for home use • CIBG UZI PKI card ?

  18. Businesses • DigiNotar (authenticatie serviceprovider and services) • ABN-AMRO Bank (authentication serviceprovider) • Rabobank (authenticatie serviceprovider) • Interpay • Postbank (SMS-TAN) is invited • Publishers • Software leveranciers (software vendors)

  19. Results • Open source, standards based Federated IdM • broad support for A-Select open software • U-turn worked well for Dutch education • Sharing of IdM knowledge over all sectors • open infrastucture for Education, Government, Healthcare, Business

  20. The offer • Ease of use better security • Freedom of choise passwords, tokens, passwords-via-SMS, bank, PKI certificate, IP-adres and more • A migrationpath, no vendor lock-in less passwords, migrate to stronger authentication when necessary • Middleware, open source software, free • Levels of assurance( basic, middle, high) • Single sign-on • Federative model: authenticate local, act global

More Related