Transforming Trust in Government by n.rajbharath


discussion paper

Transforming Trust in Government

The Utility of Identity – A 21st Century Enabler

A rationale for identity management
In his best-selling book ‘The Utility of Force’, General Sir Rupert Smith detailed how the nature of conflict had changed over the last hundred years but that the use of force had not. He explained how force, the main component of any conflict, has become less of a blunt instrument of change and more a subtle utility for influencing holistic transformation, including the political context, more effectively.

Much of this transformation and utility of force had been enabled by the automation of information and its subsequent instantaneous sharing on, around and within the battle space.

Similarly, but outside the military domain, the authentication of identity, and hence identity itself, has moved from being an isolated component in the transaction between people and society to a utility that enables change in many different domains within society (and the economy) in a way that can and will transform our quality of life.

People Centric Public Services
The UK Government has struggled to develop a clear rationale for an ID Cards programme. The original thinking behind the national identity scheme was that it was part of the arsenal to fight terrorism, reduce social security fraud and prevent identity theft.

As this justification both failed to provide a comprehensive validation and fuelled criticism of the scheme, the government finally started to talk about identification as a means to improve public service delivery. People Centric Public Services should have been the first and principal reason for the National Identity Scheme, not the last and secondary. Its introduction now has changed the course of the programme distinctively.

Delivering change efficiently through identity management
We believe that the National Identity Scheme, if implemented correctly, can deliver significant reforms as envisaged by the Government. Indeed, the scheme has the potential to go even further than the Government has currently outlined.

As the processes that run our society and economy become increasingly automated, it makes sense to utilise identity management technologies in order to reduce running costs and improve public services. The authentication of identity is the single most important organising principle for the processes of Government, the economy and therefore society. This is a point outlined by Dame Pauline Neville-Jones at the Information Assurance Advisory Council (IAAC) Symposium in July 2006.

A National Identity Scheme will reduce fraud, it will help prevent identity theft, it will make managed migration more efficient and it will support efforts to counter terrorism. But in looking to justify the system it is too limiting to start the business case from the bottom up. And it is simplistic to look at identity management within the parameters of a small number of political objectives. Identity management solutions have the potential to positively impact almost every aspect of our lives.

Building a stronger case for identity management processes
It is critical that the Government explores all of the benefits to citizens of identity management solutions and then designs an identity system that releases those benefits and services. Identity management can realise economic and social benefits in addition to security and fraud reduction. But to do this there must be greater understanding in Government of the true utility of identity.

The National Identity Scheme doesn’t need to be a “green field” project - much of the cost of widening the use of identity management processes would be offset by utilising existing technology infrastructure and applications, contracted afresh through renewal to keep procurement costs down as well.

The quality of information in existing Government databases (and there are quite a few that cover an individual’s digital footprint from cradle to grave) may not be very good but the potential for data refresh and correction by primary reference to the National Identity Register will now exist. Re-use, however, changes the risk of the NIS project from being complex to complicated - a pixelated programme of varying tempo and timescale.

The combination of assured authentication of identity, enabled by:
• biometrics
• the use of RFID and wireless networks,
• a secure but accessible database that provides automated linkage enabling access to individual identity entitlements or permission profiles
• the ease of transaction enabled by internet-style “one click” purchase
is a powerful combination of technology and process that can truly transform the way we exist within society.

Of course, this process is made more appealing still if individuals are then able to utilise the same national identity credential, created by the Government, for other purposes in their everyday life. The two case studies at the end of this paper provide illustrations of just some of the benefits that can be released.

Clearly the Government still has a long way to go in selling this idea since this efficient, but still free, identity-centric society is seen by some to have significant disadvantages. Addressing these issues is critical to ensuring the ultimate success of the scheme.

Ensuring privacy and protecting individual rights
The first issue is the perceived loss of privacy. Provided legislation accommodates controlled and democratic sharing of data within existing laws, then there is no reason why an identity centric society cannot work well without the constraints and privacy abuses perceived by those opposed to the scheme. The legislation could, for example, be an electronic articulation of the Data Protection Act, that is sharing my data between databases with my permission, but with appropriate safeguards in place if data is shared without my permission.

The Data Protection Act is a central pillar for upholding information rights of the citizen/consumer. It was first enacted in 1984 and updated in 1998. It is time it was reviewed again and updated to supervise and monitor the use of identity information more carefully.

Indeed, it is a natural extension of such a society, with the focus on the individual, that the individual should have expectations about how their data is now handled since the centricity of identity use is so prominent in everyday life. Lord Toby Harris of Haringey expressed these at the same IAAC annual symposium in July 2005:

• “Don’t Give Others My Data Without My Permission”
  This raises interesting questions for the management of identity and the issue of user control and usage transparency for government.
• “Don’t Lose My Data”
  It is extremely inconvenient (an understatement) when this happens in electronic environments, as it can have very detrimental effects, even devastating, on the person whose information goes missing.
• “Don’t Abuse My Data”
  This is fundamental for the establishment of robust frameworks to regulate the use of data, preventing inappropriate or illegitimate use.
• “Don’t Waste My Time”
  How to handle processes such as authentication in the most efficient manner, to avoid repetition and duplication? Reducing the inconvenience to users should be a key concern.
• “Can I Prove Who I Am and Can You Prove Who You Are”
  This is about getting the processes of establishing identity right, in particular at the stages of registration and authentication.
• “Can You Be Assured That The Information Provided Is Accurate and If Not, Can It Be Corrected”
  Again, a challenge particularly for the provision of public

These are justifiable demands on anyone who uses my data, but particularly on the Government since they are accountable to me, the citizen. It is important for Government to develop a sense of how ‘trusted’ the identity management programme is by citizens. We propose that the Government creates a “trust index” to assess the public perception of how the Government protects and uses citizen data. Unisys has developed such an index – a Trusted Enterprise Index (TEI - see Appendix) - for benchmarking then measuring the amount of trust an organisation or scheme is perceived to possess evaluated against 31 metrics of trust, resulting in a TEI Figure of Merit. Such a scheme allows UK citizens to hold their Government truly accountable for privacy, oversight and trust.

Getting IT right
The second most important perceived disadvantage of such a large scheme is the “track record” in the UK for implementing large IT systems. The whole scheme, due to the re-use of existing assets (certainly database technology stacks), will move from being a complex system to one that is overly complicated. There needs to be a very detailed and specific plan as to how the technical aspects of the programme will be addressed, with consultation across a wide range of technical experts in the information technology community.

UK – harnessing the benefits of identity in the long term
The UK, as an identity centric nation, will inevitably become more competitive than other nations for exactly the same reasons that businesses seeking greater automation require to be identity-centric businesses. The UK is in a unique position right now where it is the vanguard of an identity centric social order.

As well as Government administrative benefits originally used as the basis for justifying a National Identity Scheme, there are now real benefits to the consumer by enabling lower costs of living and to business with lower financial waste through the efficient authentication of identity. The result is a more prosperous, but safer, society for the future.

Case Studies

Smart Buildings – securing assets, utilising space, and reducing the carbon footprint
The premise that identity is the single most important organising principle of the modern economy can be tested against a number of contemporary situations to clearly highlight improvements in efficiency and savings in budget. Building management provides a good example.

There are many linear ideas about improving access control for buildings with concepts such as having a single sign-on linking physical access in and around a building and the security turnstiles with logical access, using the same credentials either on a card or token, to access the company intranet and the digital domain in which an individual works.

However, authentication of identity can be more pivotal than that. By linking assured authentication of identity with wireless communications through RFID and a database that can link various authenticated “things” that have permission to be linked there are many benefits to the individual and to the business through improved security, running costs and overheads.

Take a typical employee about to enter the place where he works.

His employer has provided him with a company “Identity Card” that holds his identity credentials, possibly the credentials he gave to the NIR, or else a set that is derived as a result of him being checked against the NIR when starting employment. The card is also a small powered transceiver (an active RFID card) that can communicate with sensors in the building over a range of a few feet. The sensors are networked to the company’s HR database, which shares the identity information with other databases that make up the business processes of the company.

The Company “Identity Card” could also be inserted or swiped into the first access gate in the building, or the card could be “active” (be integrated with a lithium battery) and have integrated into it a small biometric reader allowing for self-authentication when prompted by the access gate. Once authenticated several things

Firstly the “building” knows you are in and therefore has counted you in for safety and business continuity reasons. Likewise it will count you out. Such a process makes an emergency evacuation of the building simple and accurate as the building knows when you leave.

Secondly, the building will access your “permission profile”. This is a linkage table that links the employee with assets that are also identified by the central database and that the employee has permission to use or to carry, such as a laptop. The system will now allow the employee and his laptop to roam freely throughout the building in areas where he has permission to be. If, however, his laptop is picked up by someone else and moved, the building will register this and, for instance, not allow this erroneous combination to go through the exit gate. It will also automatically alert security.

So far this is merely an improvement in normal secure operation. However, such a scheme also allows facility management to understand how space is used in the building and how it could be utilised more effectively. This has important consequences in terms of the number of buildings a company actually uses and requires, the size of the carbon footprint of the company and the saving that will accrue from reducing the company real estate.

This may sound futuristic but it is being actively considered by a number of companies now and will be a reality soon after the National Identity Scheme is established.

Linkage – reducing health care error by increasing identity assurance
Databases are highly efficient. Much effort has gone into very fast processing and very large bandwidths, allowing a lot of data to be processed and communicated very quickly, in fractions of a second.

Data does not have to be at the point of enquiry for the system to be efficient enough for everyday working. Chip and pin financial transactions are an example of this. Hence the speedy validation of an activity based on the assured authentication of identity allowing for a very high probability of an accurate process with few if any errors (by the machine) is now possible at various risk levels. As in the Smart Building concept the concept of Permission Profiles is used.

As an example take the rehabilitation of drug users. They are prescribed methadone. The prescription will be for a period of time (say one week, maybe one month, maybe six months) but the quantity is not given to the drug user all in one go. They have to visit the pharmacist each day to get their daily dose since they are not trusted not to abuse the methadone, or to sell it.

Authentication of identity is important but difficult for the pharmacist since they are relying on current analogue procedures, which are easily fooled, particularly with the number of drug users they will deal with in a single day. However, utilising the identity credential created by the National Identity Scheme allows the pharmacist to validate the drug user’s identity credential against the pharmacy’s database, authenticate the individual to make sure they are who the card says they are, and then administer the prescribed dose. In a pharmacy, where perhaps several hundred drug users go each week, drug fraud is all but eliminated.

But the idea of linkage also works for those who are not on the National Identity Scheme, such as newly born babies. Maternity Units in hospitals have to have a high degree of security yet still allow legitimate parents in to see their babies. The baby is far too young for a meaningful biometric to be taken. However the mother’s identity credential (or a sub-set of it) can be captured onto a 2D barcode and printed on a label that can be attached to the baby’s wrist or ankle. Similarly the identity credentials of medical staff who have permission to handle the baby are also captured on a barcode tag attached to the baby allowing for tighter security but also an auditable trail if anything still goes wrong.

Barcodes have been a reality for over a decade and are commonplace around the world. The same scheme can be applied to error reduction in the Health Service, ensuring that the right patient gets the right treatment.

Such linkage can be extended to other items that belong to us – that is, are on our Permission Profile – not least luggage. Linking my luggage to me when I am travelling using my identity credential (or part of it that allows verification within risk limits) is yet another example of the utility of identity. Not only does it make travel more secure by removing the “known knowns” from the security picture but it also makes the assured recovery of luggage after frights, such as the August 2006 bomb scare at Heathrow that saw 10,000 pieces of luggage lost, more probable.

To discuss any of the topics raised in this discussion paper contact:
  Neil Fisher, Unisys Limited
  01895 862000
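
The gate decision from the Smart Buildings case study above, as an added example that is not part of the original paper: a linkage table maps each badge to the zones and assets in its permission profile, and a gate opens only when every tag read together fits that profile. The class names, badge ids, asset tags and zone names are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class PermissionProfile:
    """One row of the linkage table: where a person may be, what they may carry."""
    zones: frozenset
    assets: frozenset


@dataclass
class Building:
    profiles: dict                                # badge id -> PermissionProfile
    perimeter: str = "lobby"                      # zone whose gate counts people in/out
    occupants: set = field(default_factory=set)   # badges currently counted in
    alerts: list = field(default_factory=list)    # (zone, badge, reason) sent to security

    def _deny(self, zone, badge, reason):
        # Every refusal is recorded, so security has an auditable trail.
        self.alerts.append((zone, badge, reason))
        return False

    def gate_read(self, zone, badge, asset_tags, direction):
        """Decide one gate passage from the tags a sensor read together.

        badge is None when asset tags are seen without an authenticated person.
        direction is "in" or "out". Returns True only if the gate should open.
        """
        if direction not in ("in", "out"):
            return self._deny(zone, badge, "unknown direction")
        profile = self.profiles.get(badge)
        if profile is None:                       # fail closed: no identity, no passage
            return self._deny(zone, badge, "no authenticated identity")
        if zone not in profile.zones:
            return self._deny(zone, badge, "zone not in permission profile")
        unlinked = sorted(set(asset_tags) - profile.assets)
        if unlinked:                              # e.g. a laptop linked to someone else
            return self._deny(zone, badge, "unlinked assets: " + ", ".join(unlinked))
        if zone == self.perimeter:                # only the outer gate changes the count
            if direction == "in":
                self.occupants.add(badge)
            else:
                self.occupants.discard(badge)
        return True

    def headcount(self):
        """Badges counted in and not yet counted out (evacuation roll call)."""
        return sorted(self.occupants)


def demo_building():
    # Constructed sample data: all ids and zone names below are hypothetical.
    return Building(profiles={
        "EMP-001": PermissionProfile(frozenset({"lobby", "lab"}),
                                     frozenset({"LAPTOP-17"})),
        "EMP-002": PermissionProfile(frozenset({"lobby"}), frozenset()),
    })


if __name__ == "__main__":
    b = demo_building()
    print(b.gate_read("lobby", "EMP-001", ["LAPTOP-17"], "in"))   # owner enters
    print(b.gate_read("lobby", "EMP-002", [], "in"))              # colleague enters
    print(b.gate_read("lobby", "EMP-002", ["LAPTOP-17"], "out"))  # wrong holder
    print(b.headcount())
    print(b.alerts)
```

The check is only as strong as the sensor's ability to read every tag passing the gate; an asset whose tag is shielded or removed never appears in `asset_tags`, so the linkage table complements physical controls and does not replace them.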


Unisys Trusted Enterprise Index
Earning the “trust” of key stakeholders – from partners to
customers to employees - is an intangible asset that is
extremely difficult to achieve and even harder to maintain.
To determine what characteristics enhance and
erode trust, and how they impact on different types
of organizations and the industries they operate in,
Unisys and the Ponemon Institute partnered to create
the “Trusted Enterprise Index”, a measure of trust
articulated in a score against a variety of measurable
attributes of trust. Unisys then applied the Index in an
international survey that polled senior-level business
leaders from a wide range of industries about the
importance, impact and influence of trust, privacy and
security in business.
The Unisys Trusted Enterprise Index is a broad, multi-
year global initiative that explores business, government
and consumer perceptions of trust, security and
privacy issues. This current research segment includes
an in-depth analysis of consumer trust of online
banking, airline security, border security, and corporate
governance, among other concerns.
The Index identifies 31 characteristics of trust. In the
survey, respondents were asked how much each factor
built trust when it was present, and how much each
factor eroded trust when it was missing.

To learn more about the Unisys Trusted Enterprise Index,


About Unisys
Unisys is a worldwide technology services and solutions
company and has worked on a number of high profile
Identity management projects around the world. These
• In Malaysia, Unisys developed and rolled-out a multi-
  purpose smart card which is the first in the world
  to incorporate both government and private sector
  applications such as driver’s license, passport and
  health information. It is also a bank card and can be
  used as an e-purse for small purchases.
• Having provided research and development support for
  facial recognition technology to the U.S. Department of
  Defense, Unisys is helping Passports Australia to
  develop a system which will mean that Australia will
  be the first country to use facial biometric technology
  in passports.
• In the USA, Unisys is the prime contractor for The
  Transportation Security Administration (TSA), to build
  the information technology infrastructure for this new
  agency for its Registered Traveller programme - a
  system which uses biometrics to verify the
  passenger’s identity.

©2007 Unisys Corporation.

All rights reserved.

Unisys is a registered trademark of Unisys Corporation. All other brands or products referenced herein are acknowledged to be trademarks or registered trademarks of their respective holders.

CMS 507-07
