eGovernment Commonalities within Europe and beyond
Colin Wallis & Fulup Ar Foll
European Identity Conference 2011

A 2-part presentation with conclusion and discussion:
Colin: overview of the landscape and the policy-oriented common touch points
Fulup: detail of the technically-oriented common touch points
Colin: conclusions and facilitated discussion
...of ecosystems, federations and frameworks... is it all semantics?
eGovernment (interoperability) Framework?
Identity Ecosystem?
Transformational Government framework?
Trust framework?
Cloud computing framework?
Trust federation?
Question... If one framework uses asserted government-issued credentials (a government IdP) and another framework uses asserted private-sector credentials (a private-sector IdP), does it matter?
Question... If one framework is based on regulation and legislation and another framework is based on contract and common law, does it matter?
Technical Commonalities: eGov Profile v2.0
The goal is to implement a certification process that allows a non-expert to select the correct product suite.
Common technical issues are:
• Metadata exchanges
• Authentication assurance
• SSO/SLO session management
• Proxy and authentication attributes
Metadata exchange
• Most, if not every, government relies on some form of contract to handle the IdP/SP relationship.
• Publication of metadata in a well-known location
• Generation/export of metadata is OPTIONAL
• Verification, if implemented, MUST use XML Signature
Authentication Assurance Framework
• Most governments rely on some form of assurance framework based on some NIST-equivalent level scheme
• Implemented through the OASIS Assurance Framework
• MUST support the acceptance/rejection of assertions based on the content of the <saml2:AuthnStatement> / <saml2:AuthnContext> elements
• It is hard to agree on a common certification, but agreeing on a common framework is a MUST in order to assure interoperability
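The accept/reject decision above, as an added example that is not code from the Kantara eGov profile or from either presenter: an SP parses the assertion's AuthnStatement, maps the AuthnContextClassRef to an assurance level through a local policy table, and rejects anything below the level it requires. The three class URIs are standard SAML 2.0 authentication context classes; the numeric levels attached to them, the issuer entity ID and the sample assertions are assumed/constructed. Python standard library only.

```python
"""Accept or reject a SAML 2.0 assertion on the strength of its AuthnContext.

Added example for this page; not code from the Kantara eGov profile or the
presenters. Standard library only. The mapping of AuthnContextClassRef URIs to
numeric assurance levels is an assumed local policy: the three class URIs are
standard SAML 2.0 authentication context classes, the levels attached to them
(NIST-style 1..4) are a hypothetical deployment choice.
"""
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml2": SAML}

# Assumed policy table: context class URI -> assurance level the SP grants it.
ASSURANCE_BY_CLASS = {
    "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport": 2,
    "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient": 3,
    "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI": 4,
}


class AssuranceError(ValueError):
    """The assertion does not meet the SP's required assurance level."""


def assurance_level(assertion_xml):
    """Return the assurance level implied by the assertion's AuthnStatement(s).

    An unknown or missing AuthnContextClassRef maps to level 0 (unrecognised),
    never silently to 'good enough'. With several statements the weakest one
    bounds what the SP can trust, so the minimum is returned.
    """
    root = ET.fromstring(assertion_xml)
    if root.tag != "{%s}Assertion" % SAML:
        raise AssuranceError("not a saml2:Assertion")
    statements = root.findall("saml2:AuthnStatement", NS)
    if not statements:
        raise AssuranceError("assertion carries no saml2:AuthnStatement")
    levels = []
    for stmt in statements:
        ref = stmt.find("saml2:AuthnContext/saml2:AuthnContextClassRef", NS)
        uri = (ref.text or "").strip() if ref is not None else ""
        levels.append(ASSURANCE_BY_CLASS.get(uri, 0))
    return min(levels)


def check_assurance(assertion_xml, required_level):
    """Return the assertion's level if it is at least required_level, else raise."""
    level = assurance_level(assertion_xml)
    if level < required_level:
        raise AssuranceError(
            "assurance level %d is below the required level %d" % (level, required_level))
    return level


# Constructed sample assertions (not real IdP output). They are unsigned: in a
# deployment the XML signature is verified before anything below is trusted.
PASSWORD_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_a1" Version="2.0" IssueInstant="2011-05-10T09:00:00Z">
  <saml2:Issuer>https://idp.example.gov/saml2</saml2:Issuer>
  <saml2:AuthnStatement AuthnInstant="2011-05-10T09:00:00Z">
    <saml2:AuthnContext>
      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
    </saml2:AuthnContext>
  </saml2:AuthnStatement>
</saml2:Assertion>"""

SMARTCARD_ASSERTION = PASSWORD_ASSERTION.replace("PasswordProtectedTransport", "SmartcardPKI")

# A context class the SP has no policy entry for.
UNKNOWN_ASSERTION = PASSWORD_ASSERTION.replace(
    "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "https://idp.example.gov/ac/legacy")

if __name__ == "__main__":
    for name, doc, required in [("password", PASSWORD_ASSERTION, 2),
                                ("smartcard", SMARTCARD_ASSERTION, 3),
                                ("password", PASSWORD_ASSERTION, 3),
                                ("unknown class", UNKNOWN_ASSERTION, 1)]:
        try:
            print("%s, SP requires %d: accepted at level %d"
                  % (name, required, check_assurance(doc, required)))
        except AssuranceError as err:
            print("%s, SP requires %d: rejected (%s)" % (name, required, err))
```

The design point is the default: a class the SP has never agreed a level for is treated as level 0 and rejected, so a new or misconfigured IdP cannot slip in by asserting a URI the SP does not recognise.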
SSO/SLO Session Management
• Logout is the main technical issue for implementers. The eGov profile makes SLO a MUST, over:
  • HTTP transport binding
  • SAML SOAP LogoutRequest
  • SAML redirect [optional for SP]
• Specify user options to control SLO behaviour.
• TLS and other forms of authentication with SAML/SOAP are optional.
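The SOAP-bound logout exchange, as an added example that is not code from the eGov profile or the presenters: the SP builds a LogoutRequest carrying NameID and SessionIndex and remembers the request ID; the IdP terminates the session and answers with a LogoutResponse; the SP checks Issuer, InResponseTo and StatusCode before clearing its own session, and distinguishes a clean Success from PartialLogout. Entity IDs, the "/slo/soap" endpoint path and the session tables are hypothetical; the messages are unsigned, which is exactly the gap the optional TLS/XML Signature protection on the SOAP channel is meant to close. Python standard library only.

```python
"""SP-initiated SAML 2.0 single logout over the SOAP binding, both sides.

Added example for this page, not code from the Kantara eGov profile or the
presenters; standard library only. Entity IDs, session tables and the
"/slo/soap" endpoint path are hypothetical, and the messages are unsigned: a
deployment protects the SOAP channel with XML Signature or TLS client
authentication before either side trusts a message.
"""
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from xml.sax.saxutils import escape

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
NS = {"samlp": SAMLP, "saml": SAML, "soap": SOAP}
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
STATUS_PARTIAL = "urn:oasis:names:tc:SAML:2.0:status:PartialLogout"
SP_ID = "https://sp.example.gov/saml2"    # hypothetical entity IDs
IDP_ID = "https://idp.example.gov/saml2"

def _now():
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def soap_wrap(body_xml):
    return '<soap:Envelope xmlns:soap="%s"><soap:Body>%s</soap:Body></soap:Envelope>' % (SOAP, body_xml)

def soap_unwrap(envelope_xml):
    """Return the single SAML message carried in the SOAP body."""
    body = ET.fromstring(envelope_xml).find("soap:Body", NS)
    if body is None or len(body) != 1:
        raise ValueError("SOAP body must carry exactly one SAML message")
    return body[0]

# ---- SP side ----
def sp_build_logout_request(name_id, session_index, outstanding):
    """Build a LogoutRequest and record its ID so the response can be matched."""
    req_id = "_" + uuid.uuid4().hex
    outstanding[req_id] = session_index
    xml = (
        '<samlp:LogoutRequest xmlns:samlp="%s" xmlns:saml="%s" ID="%s" Version="2.0" '
        'IssueInstant="%s" Destination="%s/slo/soap">'
        '<saml:Issuer>%s</saml:Issuer>'
        '<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">%s</saml:NameID>'
        '<samlp:SessionIndex>%s</samlp:SessionIndex></samlp:LogoutRequest>'
    ) % (SAMLP, SAML, req_id, _now(), IDP_ID, SP_ID, escape(name_id), escape(session_index))
    return soap_wrap(xml)

def sp_process_logout_response(envelope_xml, outstanding, sp_sessions):
    """Validate the IdP's LogoutResponse, then drop the local session.

    Returns True for a clean logout and False for PartialLogout (the IdP could
    not reach every session participant, so the UI should warn the user).
    """
    resp = soap_unwrap(envelope_xml)
    if resp.tag != "{%s}LogoutResponse" % SAMLP:
        raise ValueError("expected samlp:LogoutResponse")
    issuer = resp.findtext("saml:Issuer", namespaces=NS)
    if issuer != IDP_ID:
        raise ValueError("LogoutResponse from unexpected issuer %r" % issuer)
    in_response_to = resp.get("InResponseTo")
    if in_response_to not in outstanding:
        raise ValueError("unsolicited LogoutResponse (InResponseTo=%r)" % in_response_to)
    session_index = outstanding.pop(in_response_to)
    status = resp.find("samlp:Status/samlp:StatusCode", NS)
    code = status.get("Value") if status is not None else None
    if code not in (STATUS_SUCCESS, STATUS_PARTIAL):
        raise ValueError("IdP reported logout failure: %r" % code)
    sp_sessions.pop(session_index, None)
    return code == STATUS_SUCCESS

# ---- IdP side ----
def idp_handle_logout_request(envelope_xml, idp_sessions):
    """Terminate the named session and answer with a LogoutResponse.

    idp_sessions maps a session index to the set of SP entity IDs holding it.
    This toy IdP does not propagate logout to the other SPs, so if any remain
    it answers PartialLogout rather than claiming success.
    """
    req = soap_unwrap(envelope_xml)
    if req.tag != "{%s}LogoutRequest" % SAMLP:
        raise ValueError("expected samlp:LogoutRequest")
    issuer = req.findtext("saml:Issuer", namespaces=NS)
    participants = idp_sessions.pop(req.findtext("samlp:SessionIndex", namespaces=NS), set())
    code = STATUS_SUCCESS if not (participants - {issuer}) else STATUS_PARTIAL
    xml = (
        '<samlp:LogoutResponse xmlns:samlp="%s" xmlns:saml="%s" ID="%s" Version="2.0" '
        'IssueInstant="%s" InResponseTo="%s" Destination="%s/slo/soap">'
        '<saml:Issuer>%s</saml:Issuer><samlp:Status><samlp:StatusCode Value="%s"/>'
        '</samlp:Status></samlp:LogoutResponse>'
    ) % (SAMLP, SAML, "_" + uuid.uuid4().hex, _now(), req.get("ID"), issuer, IDP_ID, code)
    return soap_wrap(xml)

def run_single_logout(name_id, session_index, idp_sessions):
    """One full round trip; returns (clean_logout, number of SP sessions left)."""
    outstanding, sp_sessions = {}, {session_index: name_id}
    request = sp_build_logout_request(name_id, session_index, outstanding)
    response = idp_handle_logout_request(request, idp_sessions)
    return sp_process_logout_response(response, outstanding, sp_sessions), len(sp_sessions)

if __name__ == "__main__":
    # Constructed IdP session tables: session index -> SPs holding the session.
    print(run_single_logout("user-42", "s1", {"s1": {SP_ID}}))
    print(run_single_logout("user-42", "s2", {"s2": {SP_ID, "https://other.example.org/saml2"}}))
```

The SP drops its session only after the response passes every check; an unsolicited response (no matching outstanding request ID) or one from the wrong issuer is rejected rather than used to tear down or confirm a session.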
Proxy Authentication [Only for Full V2.0 Profile]
• Suppression or editing of RequesterID elements from the outgoing AuthnRequest
• Support the mapping of incoming to outgoing AuthnContext elements
• MUST support the suppression of <saml2:AuthenticatingAuthority>
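The three proxy rewrites in one place, as an added example that is not code from the eGov profile or the presenters: on the request path the proxy strips samlp:RequesterID from Scoping and maps each requested AuthnContextClassRef to the class the upstream IdP understands; on the response path it removes saml2:AuthenticatingAuthority from the assertion it re-issues and maps the class back. The mapping table, entity IDs and both sample messages are assumed/constructed; re-signing the rewritten messages is out of scope. Python standard library only.

```python
"""Proxy-IdP rewrites described under the eGov profile's Full V2.0 option.

Added example, not code from the Kantara eGov profile or the presenters.
Standard library only. The context-class mapping table and the entity IDs
are assumed policy for a hypothetical proxy; signatures are out of scope
(the proxy re-signs the outgoing message after rewriting it).
"""
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"samlp": SAMLP, "saml2": SAML}
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml2", SAML)

# Assumed mapping: classes used on the proxy's SP-facing side -> classes the
# upstream IdP understands; the reverse table is used for assertions.
OUTBOUND_CONTEXT_MAP = {
    "https://proxy.example.gov/ac/level2": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "https://proxy.example.gov/ac/level3": "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI",
}
INBOUND_CONTEXT_MAP = {v: k for k, v in OUTBOUND_CONTEXT_MAP.items()}

def rewrite_authn_request(xml, suppress_requester_id=True):
    """Return the AuthnRequest the proxy forwards upstream.

    samlp:Scoping/samlp:RequesterID elements (which reveal the original SP)
    are removed when suppress_requester_id is set. Each requested
    AuthnContextClassRef is mapped through OUTBOUND_CONTEXT_MAP; unmapped
    classes are dropped, not forwarded verbatim. Raises if none survive.
    """
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % SAMLP:
        raise ValueError("expected samlp:AuthnRequest")
    scoping = root.find("samlp:Scoping", NS)
    if scoping is not None and suppress_requester_id:
        for rid in scoping.findall("samlp:RequesterID", NS):
            scoping.remove(rid)
        if len(scoping) == 0 and not scoping.attrib:
            root.remove(scoping)
    rac = root.find("samlp:RequestedAuthnContext", NS)
    if rac is not None:
        for ref in list(rac.findall("saml2:AuthnContextClassRef", NS)):
            mapped = OUTBOUND_CONTEXT_MAP.get((ref.text or "").strip())
            if mapped is None:
                rac.remove(ref)
            else:
                ref.text = mapped
        if rac.find("saml2:AuthnContextClassRef", NS) is None:
            raise ValueError("no requested AuthnContext class can be forwarded")
    return ET.tostring(root, encoding="unicode")

def rewrite_assertion(xml):
    """Return the assertion the proxy re-issues to the SP.

    saml2:AuthenticatingAuthority elements (naming the upstream IdP) are
    removed and each AuthnContextClassRef is mapped back through
    INBOUND_CONTEXT_MAP; an unmapped class is rejected instead of being
    passed on as if the proxy vouched for it.
    """
    root = ET.fromstring(xml)
    if root.tag != "{%s}Assertion" % SAML:
        raise ValueError("expected saml2:Assertion")
    for ctx in root.findall("saml2:AuthnStatement/saml2:AuthnContext", NS):
        for auth in ctx.findall("saml2:AuthenticatingAuthority", NS):
            ctx.remove(auth)
        ref = ctx.find("saml2:AuthnContextClassRef", NS)
        mapped = INBOUND_CONTEXT_MAP.get((ref.text or "").strip()) if ref is not None else None
        if mapped is None:
            raise ValueError("upstream AuthnContext class has no local equivalent")
        ref.text = mapped
    return ET.tostring(root, encoding="unicode")

def count(xml, path):
    """Number of elements matching an ElementTree path below the root."""
    return len(ET.fromstring(xml).findall(path, NS))

# Constructed inbound messages (not real SP or IdP traffic).
INBOUND_REQUEST = """<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
    IssueInstant="2011-05-10T09:00:00Z">
  <saml2:Issuer>https://sp.example.gov/saml2</saml2:Issuer>
  <samlp:RequestedAuthnContext Comparison="minimum">
    <saml2:AuthnContextClassRef>https://proxy.example.gov/ac/level3</saml2:AuthnContextClassRef>
    <saml2:AuthnContextClassRef>https://proxy.example.gov/ac/unknown</saml2:AuthnContextClassRef>
  </samlp:RequestedAuthnContext>
  <samlp:Scoping>
    <samlp:RequesterID>https://sp.example.gov/saml2</samlp:RequesterID>
  </samlp:Scoping>
</samlp:AuthnRequest>"""

UPSTREAM_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_a1" Version="2.0" IssueInstant="2011-05-10T09:00:05Z">
  <saml2:Issuer>https://idp.upstream.example/saml2</saml2:Issuer>
  <saml2:AuthnStatement AuthnInstant="2011-05-10T09:00:05Z">
    <saml2:AuthnContext>
      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI</saml2:AuthnContextClassRef>
      <saml2:AuthenticatingAuthority>https://idp.upstream.example/saml2</saml2:AuthenticatingAuthority>
    </saml2:AuthnContext>
  </saml2:AuthnStatement>
</saml2:Assertion>"""

if __name__ == "__main__":
    print(rewrite_authn_request(INBOUND_REQUEST))
    print(rewrite_assertion(UPSTREAM_ASSERTION))
```

Both rewrites fail closed: a requested class the proxy cannot translate is dropped rather than forwarded, and an upstream class with no local equivalent aborts re-issue, so the SP never receives a context the proxy's policy did not explicitly map.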
Questions?
http://kantarainitiative.org
http://docs.oasis-open.org/security/saml/v2.0/
Conclusions
• They are all (federated) trust frameworks
• There are broad (eGov and TGov) trust framework deployment profiles
• There are narrower (cloud) trust framework deployment profiles
• They comprise common components
• They have common requirements: policy, semantics, conformance, compliance, certification, etc.