Date post: | 08-May-2015 |
Category: |
Technology |
Upload: | secure-identity-alliance |
View: | 187 times |
Download: | 1 times |
Sharing Best Practices for SuccessXavier Fricout, Deputy Board Member, Secure Identity Alliance
World eID Congress, September 2013
2
Introducing the Secure Identity Alliance
• The Secure Identity Alliance is committed to helping public bodies across the world deliver e-government services to citizens through the widespread
adoption of secure e-document technologies.
• Founded in March 2013 by leading eDocument and eService Companies
• Members at date:
World eID Congress 2013
3
Its Objectives
Accelerate the transition to smart eDocuments to support an open, interoperable and efficient roll-out of eGovernment online services by:
Describe and promote use cases of convenient value-added eGovernment services
Share experiences and best practices between industry and governments modernizing their services, in particular towards ensuring the privacy of end-users’ personal information
Promote standardization of relevant and appropriate industry specifications Make recommendations on the most up-to-date means to properly address
the governments identity and privacy challenges• eDocument hardware, software and secure printing technologies, materials and physical security
expertise • Deliver the level of confidence and assurance needed for the rapid adoption of eServices that can
be trusted by citizens
Provide consistent reference information on security, identity and privacy challenges in a transparent manner
World eID Congress 2013
In short, the Secure Identity Alliance offers a trusted partner for governments when defining their eDocument strategies and implementing associated
eGovernment services.
4
Its Workgroups
World eID Congress 2013
5
Best Practices in eDocument Security Workgroup
It’s about defining the best solution based on the factors that need to be considered of:
Usages and environment / convenience, privacy, durabilityBest practice in security measures and featuresReal threats towards defending security measures and
featuresAppropriate international standards and regulationsService levels and customer serviceLogisticsOverall cost of the solution
World eID Congress 2013
6
@
Environmental factors – Big data
World eID Congress 2013
Cell phone N°AddressInterestsPurchase history
Health StatusBlood groupInsuranceAddress
Tax statusSocial securityBirthdayBirthplaceGenderNationality
Credit ratingIncomeAddressTravel habitsWork details
7
Environmental factors – Standards & Regulation
“an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities.” NSTIC
Regulations
NSTIC in the US (National Program Office of the National Strategy for Trusted Identities in Cyberspace)
e-IDAS in Europe (regulation on eIdentification, eAuthentication and eSignatures and Trusted Services)
National specific initiatives: Sweden, Estonia, etc.
Standards: CEN, ETSI, ICAO, ISO, GixelIN and others
Initiatives : GSMA Mobile ID
World eID Congress 2013
8
The Security Awareness Model
Introducing
World eID Congress 2013
9
Data, material flow & support services during life time secure credential
World eID Congress 2013
Document delivery
Document usage
Design documentSecurity Optical
Procurementmaterials
Manufacturingblank document
Secure environment Controlled varieties
Transportblank document
DATAFLOW
EntitlementPost
issuance mngt
Data preparation
SUPPORT PROCESS
IT security
Reject/waste handling(remake process)
Enrolment
PersonalizationDocument/
Document IssuanceBiographical data protection
Logical Security
MATER
IAL FLO
W
Treatment Materials and
Blanks
Facility Security
10
The Secure Awareness Model
Based on real world expertise, experience and best practice
Based on use casesUse of historical dataVisionary level of future state
developmentWill incorporate self assessment
scheme for end users to define their current development status.
Will provide users a report to define their next steps in improving their solution
Will incorporate anonymous reports to provide position in region / world
SIA Maturity Index Creation eg. Wasada University Model
World eID Congress 2013
Waseda Model
11
What makes the model unique
SIA is a global organization
SIA covers the full lifecycle of secure documents including physical and logical security
SIA is an expert through its collective heritage and expertise
SIA is a trusted partner: making recommendations for the interest of governments and citizens/ non profit
Timeline: first draft of the model available at cartes’13
World eID Congress 2013
12
Interested to participate?
Government agencies interested in participating in the model first draft can contact the Secure Documents Workgroup Chairman:
Neil Rudeforth at [email protected]
Actors of the Secure Identity interested to join the Alliance can contact the Secretary General or the Marketing & Communication Consultant:
Jean-Claude Perrin at [email protected]
Stéphanie de Labriolle at [email protected]
World eID Congress 2013
www.secureidentityalliance.orgXavier Fricout, Deputy Board Member, Secure Identity – [email protected]
Thank You