Identity and Transparency (Bridging the GAPS of Governance in eGov Initiatives)
Badri Sriraman, Unisys Incorporated
Rakesh Radhakrishnan, Sun Microsystems, Inc.


Agenda

• Overview of “Identity & Transparency”
• OSTP – IDM Report – GAPS
• Current Transparency Initiative
• IDM as the Bridge (Telco eGOV partnerships)
• Conclusions

IDM enables Transparency

• Identity enabled Security Architecture
  • (Confidentiality, Integrity and Availability)
• Identity enabled Pervasive Policies for the Network
• Identity enabled Context
• Distributed Authentication, Authorization and Attribute Authorities
• All THREE Lay the foundation for Transparency & Trust

• 4th and 5th book: “Identity and Transparency” + “Identity & Trust”

OSTP – Report on IDM – GAPS

• Current Model is Stovepiped
• Difficult to Integrate
• Static in Nature

OSTP – Report on IDM – Deficiencies

• Cross Organizational Coordination
• Disparate Security Management Protocol
• Inconsistent Agency Implementations
• Screening Information Sharing
• Inconsistent system-security usages, operating rules and procedures
• System wide security for evolving grid
• Exploitation of Identity Information
• Interoperability Shortfalls
  • lack of trust,
  • consistent metrics, etc.)

OSTP – Report on IDM – Goals

• Adaptive, Responsive and Universally Accessible
• Attuned to social acceptability and privacy – valued by users
• Extensible in Scale and Scope (billions of identities, trillions of policies and millions of use cases)
• Easy to Use and Maintain
• Secure & Effective (leaving minimal risk for exploitation, alteration or misuse)
• Invisible to the end USER
• More responsive to Law, Policy, Social Sensitiveness as regards to privacy
• Streamlined Simplified structure from the point of view of sponsors and users
• Designed to provide convenience and efficiency by allowing secure reuse of credentials and attributes across many apps

OSTP – Report on IDM – Target

• Digital ID Repository
• Privilege Applications
• Grid Cloud Computing

OSTP – Report on IDM – Target

• Technology
• Collaborative
• User Centric

OSTP – Report on IDM – Target

• Federated Identity (A Construct of Credentials within a Context)
• Federated Policy (A Policy Set Executing for a Context)
• Federated Context (A Set of Attributes about the Identity)

OSTP – Report on IDM – Target

• Pluggable Architecture
• Extensible in Scale and Scope
• Utility Model with Balanced Stakeholder equities

OSTP – Report on IDM – Scope

• Internal to the Federal Government
• Between the Federal Government and other Government Jurisdictions
• Between the Federal Government and the International Community
• Between the federal government and U.S. organizations, commercial entities, and individuals accessing government resources (both facilities and systems).

IDM enables Transparency

• President Obama's directive on “Transparency and Open Government”

Government should be transparent. Transparency promotes accountability and provides information for citizens about what their Government is doing. Information maintained by the Federal Government is a national asset.

Government should be participatory. Public engagement enhances the Government's effectiveness and improves the quality of its decisions. Knowledge is widely dispersed in society, and public officials benefit from having access to that dispersed knowledge. Executive departments and agencies should offer Americans increased opportunities to participate in policymaking and to provide their Government with the benefits of their collective expertise.

Government should be collaborative. Collaboration actively engages Americans in the work of their Government. Executive departments and agencies should use innovative tools, methods, and systems to cooperate among themselves, across all levels of Government, and with nonprofit organizations, businesses, and individuals in the private sector.

Transparency, Participation & Collaboration

• Data.gov – Public Data available in Public Domain
• DODtechpedia – Collaboration on Defence Related Tech
• Regulations.gov – Participation in Policy Making
• OpenforQuestions – Forum for Participation
• Healthreform.org – Forum for Participation in Health Care
• PeertoPatents – Collaborate on Patents
• IdeaFactory – Collaborate on Ideas
• Business.gov – Business & Gov Collaboration

IDM enables Trust & Transparency

• Trust implies Security (confidentiality, integrity, availability)
• Trust implemented via an IDM enabled Pervasive Policy Paradigm
• Trust enables Transparency (Trust equates to Truth over Time and Transparency is Truth near Real Time)
• IDM integrated with DLP, JEE Containers, Apps, VM/OS & Network
• IDM Integrated with Integrity and Audit tools
• IDM enables Privacy & Confidentiality
• IDM integrated with Compute and Carrier Clouds (NG Grid)
• IDM enables Secure Context Exchange
• Bidirectional (multi-directional between respective stakeholders) Transparency is Critical