A-Select

Document Sample
A-Select Powered By Docstoc
					      “DigiD model”
from studentchipcards to
    trust federations
                 a story

          Jaap Kuipers
         Stichting SURF
        kuipers@surf.nl
    EuroCAMP, Malaga, October 19 2006
                               attributes, acknowledgements

   KPMG, IT auditor
   Dutch government computer centre, head of IT audit and security
   Rabobank, financial control computer centre
   Sabbtical, IT in Africa
   SURF Foundation, programme manager Identity management, trustfederations, standards




   A lot of fun working together with SURFnet’s Bart Kerver, Klaas
    Wierenga, Maarten Koopmans, Ton Verschuren on IdM
             Mission


   A nationwide authentication service
   (inter)national trustfederations
                   how ?

   Look for strategic alliances
    • (Education with eGovernment, Healthcare, Business)

   U-turn: help ourselves by helping others ( problem
    in eGov greater than in Education, others pay a fair
    share)
   Education and research is not an island in the
    knowledge economy
           shared interests

there is a clear need for
horizontal initiatives in the
field of authentication,
payment systems and
security
provide a ‘breakthrough
environment’




                                From Rethinking The European ICT Agenda
               History

   1996 Student chipcards, 15 MEuro later, lessons
    learned a hard way
   Gigaport programme: pragmatic authentication with
    tools users already have (bankcards, SMS-OTP)
   2001 TrustSURF programme: from chipcard to
    authentication, to federations and standards
   2001 asked ECP.NL (eNetherlands group) to join
    the steering committee
                  History

   2002 A-Select software, freedom of choise
   e-OK framework for definition of levels of trust:
    Basic, Middle, High
   2003 Government programme “an Other Government” 65%
    services online by 2007
   18-6-2003 13h. seminar on Finread standard: notion of
    proportional security presented by National Manifesto Group
   2 weeks later demo of A-Select at Social Insurance Bank
   building the National Authentication Facility (NAV)
   24-06-2004 A-Select Open source software (mandatory for
    use within eGov)
Many authentication tools
Freedom of choise
            Growthpath


                                                     PKI-
High                                                 government



                                         Bank
                           SMS-TANcode   Chipkaart

Middle

                    SMS-passcode


         Password


Low




                                                        “ease of use”
                                                        cost
                                                        time
                  History

   1-12-2005 NAV renamed to DigiD
   Public libraries in federation with A-Select
   2006 350.000 users for MyStudent loan using
    A-Select with SMS-on time passwords
   2006 1,3 mln account, signing 500.000
    taxforms
   2007 6,5 mln users planned,
    mandatory use for taxforms
   authentication high on agenda
 selling federations:
 passport metaphore helps

                             GBA




                                                DE
           burger



     UK
          OK



                    X                      BE




SA
                        UK    BE   DE GBA SA

                        FR    X    Y   Z
DigiD-federation


                  GBA




                             OK
     burger


    OK                  OK
     K


              X
    O
selling federations:
Financial federation metaphore
                             Parties involved

Advisory board for A-Select open source:
SURFnet
Kennisnet (K-12 education)
BKWI (Social security insurances)
ICTU, (eGovernment)


Interpay (Clearinghouse for banks)
Diginotar (Digital Notary)



En betrokkenheid van   ABN AMRO,   Rabobank,   Openbare Bibliotheken,   Alfa&Ariss
Public libraries
               Healthcare

   Academic hospital Leiden:
    Citrix with bankcards and
    RSA-calculator for strong
    authentication for home use


   CIBG UZI PKI card ?
                         Businesses

   DigiNotar (authenticatie serviceprovider and services)
   ABN-AMRO Bank (authentication serviceprovider)
   Rabobank (authenticatie serviceprovider)
   Interpay
   Postbank (SMS-TAN) is invited
   Publishers
   Software leveranciers (software vendors)
               Results

   Open source, standards based Federated IdM
   broad support for A-Select open software
   U-turn worked well for Dutch education
   Sharing of IdM knowledge over all sectors
   open infrastucture for Education, Government,
    Healthcare, Business
                 The offer

   Ease of use better security
   Freedom of choise
     passwords, tokens, passwords-via-SMS, bank, PKI certificate,
     IP-adres and more

   A migrationpath, no vendor lock-in
     less passwords, migrate to stronger authentication when necessary

   Middleware, open source software, free
   Levels of assurance( basic, middle, high)
   Single sign-on
   Federative model: authenticate local, act global

				
DOCUMENT INFO