Federated e-Identity Management across GCC Countries

www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved

Partners in Building UAE's Security & Economy

Our Vision: To be a role model and reference point in proofing individual identity and build wealth informatics that guarantees innovative and sophisticated services for the benefit of UAE

World e-ID Congress: Identity Services for Government Mobility & Enterprise Conference | Sept 25-27, 2013 | Nice, French Rivera, France.

Federated e-Identity Management across GCC Countries

P a r t n e r s i n B u i l d i n g U A E ' s S e c u r i t y & E c o n o m y

Our Vision: Provide an integrated and advanced personal identity management system that contribute to the transformation of the government and the economy and promotes security and global competitiveness of the UAE.

Presented by: Dr. Ali M. Al-Khouri


Introduction: Scattered Practices

• Silos of identity management systems!

• Interoperability and mutual trust?

• Need to establish a trusted IDENTITY for an individual that can be used across domains, by service providers.

• The advantages and benefits of such mutual trust systems have been cited at numerous forums and have been well established.


Introduction: Identity Federation

• Global initiatives on Identity Federations since last 20 years


Identity Federation: Still a Developing Field!

• Identity Federation is still a developing science..

• Implementations vary and trust mechanisms differ.

• Different frameworks are put forth.


Frameworks: Concepts vs. Practices

The basics and concepts of Identity Federation are rather

old and well understood ..

• Different frameworks and initiatives leading to trust establishment between different service providers (relying parties) based on the Identity Verification/ Authentication.

• All of these are based on Open Standards and use SAML Assertion.


Identity Federation Considerations

Identity Provider

Service Provider

Service Seeker

Digital Identity

Identifiers

Credentials

Application Domain

Identity Assertion

Circle of Trust

Single Sign On


Identity Federation: Identity Provider Role

Pivotal & key role in the Identity

Management


Cross Border Identity Management

In the context of multi-organization

identity management systems, the ID provider’s role then becomes crucial in the

authentication of users.


Mutual Trust

The service providers need to trust the identity

provider with respect to the

authentication of users.


Decentralising Identity Management

Each Service Provider manages their own identity

management system that determines eligibility,

privileges, etc. to authenticated service seekers,

while the identity itself is

managed by the Identity Provider.


Examining Identity Federation & Management


Building Trust

• There are well established models that have prompted Governments to move up the value chain in the Identity Systems.

• Governments for long have been the de-facto identity providers to their citizens and residents, e.g., passports, ID cards, driving licenses, election cards and so on.

• With Trust and Identity Assertion becoming the need of the hour (with the advancement of the internet and remote service delivery), the Government Identity systems have evolved into the current Smart Identities complete with Digital Identity, various electronic identifiers, and credentials.


Identity Federation in GCC Countries

GCC Government ID

Programs fit these requirements fully

& are compliant to all the design

requirements of an interoperable and federated identity in GCC.


International Case Studies and Benchmarks

• Examine the design aspects of Identity Federation to make a case for an International Cooperation and interoperability across the GCC- especially in the light of the success reported by the STORK Project and the current STORK 2.0 initiative.

Stork > Stork 2.0 >>> GCC???

Single European e-Identification and Authentication


serves as a perfect platform for establishing trust between different entities cutting across borders

National ID Card as enabler for Digital Transactions


Digital ID Issuance, Services & Magmt – GCC Context


Digital Identity – GCC Context

Key to the Digital Identity is the

ownership of the Government ..


Digital Identity – GCC Context

Identity Assurance from the Government need

to be backed by a Legal System and a

National ID Authentication

Framework consisting an Authentication

Gateway delivering ID Verification and

Validation Services with an effective ID

Lifecycle Management.


All this needs now is to ensure that IDs are interoperable and “digitally”

recognized across borders

All GCC countries have their individual Digital ID Systems

GCC Identity Federation: the Missing Piece?

Interoperable ID?


Digital Identity- the GCC Context

National Identity Providers in GCC bloc should extend their services to ACT as a PROXY for each other. This will BRIDGE Identity Providers in a seamless bind for individual digital ID holders across the Identity Providers.


Digital Identity- the GCC Context

Authentication carried out by the Home ID Provider can be passed on as a “token” to another ID provider.


National ID Card & Federated Identity


GCC & Federated Identity


Conclusion: If we really want to get there!

A Federated Identity Service Beneficiaries: 1. User with Digital Identity

2. Service Provider (SP)

Customers of the

Federated Identity

Services!


Understanding Customers Mindsets

A Federated Identity Service Beneficiaries:

Need to define service specifications and reach the delight levels of both ends of the customer spectrum.


The Challenge ..


Conclusion

1. A single PAN GCC Digital Identification and Authentication area

2. GCC e-ID Interoperability Platform that will allow citizens to establish and conduct e-transactions across borders, just by presenting their national e-ID

3. Cross-border user authentication enabling access to education resources, commercial transactions, banking transactions etc.

The benefits from such an Identity Federation scheme are enormous and will take the current economic cooperation of GCC to higher levels.


What could Federated Identity bring to GCC?

1. Knowledge Management Access to Education material for students

across universities

2. Healthcare Management Access to healthcare services and insurance

with a single identification and authentication

3. Government Services

4. IT Transformation Cloud Services Access


Conclusion: Interoperability

• Interoperability will certainly become a precondition backbone for future development efforts, whether its social, economical, political, etc.

• Sustainability will become more associated with interoperability.

• As the world gets more ubiquitously connected, countries, and governments in particular would need to act as such..

• This would be a spinning riddle; conundrum for some(LONG)time until it gets resolved!


Thank you Dr. Ali M. Al-Khouri

Director General | Emirates Identity Authority | UAE www.emiratesid.ae | [email protected] |

Read our recent research from: http://www.emiratesid.gov.ae/ar/media-center/publications.aspx

@DrAliAlKhouri

Technology

Federated e-Identity Management across GCC Countries