Upload
emirates-identity-authority
View
118
Download
2
Embed Size (px)
DESCRIPTION
Al-Khouri, A.M. (2011) 'The Development of a Federal Digital Identity', BIT's 1st Annual International Congress of u-World 2011, October 23-25, 2011, Dalian World EXPO Center (DWEC), China.
Citation preview
Our Vision: To be a role model and reference point in proofing individual identity and build wealth informatics that guarantees innovative and sophisticated services for the benefit of UAE
www.emiratesid.ae © 2010 Emirates Identity Authority. All rights reserved
Federal Authority| هيئــــــــة اتحــــــــــــادية
“The Development of a Federal Digital Identity”
2011 23 October 2011
Forum 4: IoT Privacy, Security, Standard and Industrial Implantation Session 4-1: IoT Privacy, Security, Standard and Industrial Implantation
Time: 13:30-17:10, Oct 23, 2011 (Sunday), Place: Meeting Room 11, 2nd Floor, DWEC
BIT's 1st Annual International Congress of u-World 2011 October 23-25, 2011
Dalian World EXPO Center (DWEC), China
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
2
• Digital World shifting into a new paradigm.
• IP Addressable devices everywhere, Internet has become all pervading.
• IP V6 turned fantasy of “things” communicating digitally into a daily
reality.
• With increasing connectivity, the
complexity of identification increases and
in midst of all “Things” is the Human
Identity!
Internet of Things?
IOT- The U World
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
• Country wide Internet Backbone
o Facilitating information exchange
o Business Transactions o e-Government
Widespread need for Internet connectivity?
Federal Identity Context
Federal responsibility
• National Critical Infrastructure
o Internet Connectivity o Identity in this digital space
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
4
Federal Identity Strategy Framework
With Digital Identity becoming a national responsibility, a proper strategy for the Identity Management becomes very imperative at the national level.
UAE Strategy
Framework
designed to
ensure a robust Identity System is
established in
the country.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Identity Strategy
• In recognition of the UAE
government of the imperative
need of a National Identity
strategy
• Emirates Identity Authority was established in 2004
• with the Vision to be the principal reference for
establishing the personal identity and providing
population data in the UAE.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Emirates Identity Authority’s strategic direction has been defined and aims
for (1) national and individual security, (2) simplification of transactions,
(3) facilitation of innovative e-services .
Federal Identity Strategy
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Digital Identity
Emirates Identity
Authority
has defined the
Digital Identity
Framework
with Six main components
Identity Management
Access Management
Policy Management
& Enforcement Compliance
Role Management
Interoperability
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Digital Identity
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Digital Identity
Identity Management
provides for all the
processes for, enrolling
the population as a
register for issuing a
digital identity, issuing
credentials for the
Identity and providing
tamper proof storage
of identity in the form
of a Smart Card.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Digital Identity: Services Framework Having issued a Digital Identity to the nation’s population, it is time now for providing the services around the National ID. This framework represents the UAE Nation Identity and Credential Management.
Digital Identity Issuance comprises of a Unique ID Number in the Population Register, Biometrics of the individual enrolled against this IDN and a Digital Certificate Issued to guarantee the ID from a National PKI.
The ID Lifecycle Management takes the center stage of the Identity Services Framework. This translates to managing the Digital ID Lifecycle, the ID Card Lifecycle, the Credentials (Digital Certificates) Lifecycle and management of the personal profiles of the ID holders.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Digital Identity: Services Framework Having issued a Digital Identity to the nation’s population, it is time now for providing the services around the National ID. This framework represents the UAE Nation Identity and Credential Management.
Digital Identity Issuance comprises of a Unique ID Number in the Population Register, Biometrics of the individual enrolled against this IDN and a Digital Certificate Issued to guarantee the ID from a National PKI.
The ID Lifecycle Management takes the center stage of the Identity Services Framework. This translates to managing the Digital ID Lifecycle, the ID Card Lifecycle, the Credentials (Digital Certificates) Lifecycle and management of the personal profiles of the ID holders.
• The ID Lifecycle Management takes the center
stage of the Identity Services Framework.
i.e., managing the Lifecycle of Digital ID, the ID Card,
Credentials (Digital Certificates) and management of the personal profiles of the ID holders.
• Digital Identity Issuance
comprises of a:
(Unique ID Number, Biometrics,
Digital Certificate from a
National PKI).
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal
Digital
Identity
Service
Architectur
e
The Digital Identity Service Architecture is developed based on the Service Framework. As a Unique ID is created Emirates Identity Authority interacts and integrates the data with multiple Government Agencies in establishing a Unique Identity Profile for every person. This is driven by the National Policies on Identity and supported by the Legal Framework in the country with the existing decrees on Cyber Law and Digital Signatures. Emirates ID Authority Issues ID, provides an ID Card, provides ID Verification Services and Assures the ID. Identity Lifecycle Management is provided resulting in effective Authentication with Multi Factor Authentication mechanisms. Assurance of the ID is provided by the PKI and Time stamping, encryption and decryption services using the personal certificates provided in the ID Card that enable secure transactions. Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
The Digital Identity Service Architecture is developed based on the Service Framework. As a Unique ID is created Emirates Identity Authority interacts and integrates the data with multiple Government Agencies in establishing a Unique Identity Profile for every person. This is driven by the National Policies on Identity and supported by the Legal Framework in the country with the existing decrees on Cyber Law and Digital Signatures. Emirates ID Authority Issues ID, provides an ID Card, provides ID Verification Services and Assures the ID. Identity Lifecycle Management is provided resulting in effective Authentication with Multi Factor Authentication mechanisms. Assurance of the ID is provided by the PKI and Time stamping, encryption and decryption services using the personal certificates provided in the ID Card that enable secure transactions. Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.
Federal
Digital Identity
Service Architecture
developed based on Service Framework
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.
Identity Lifecycle Management:
• interacts and integrates
data with multiple
Government Agencies to
maintain a Unique Identity
Profile.
• Verification: multi-factor
authentication mechanisms.
• Assurance: PKI and Time
stamping, encryption and
decryption services using the
personal certificates provided in the ID Card that enable secure
transactions.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
• Data services enable Role
and Privilege
Management to the ID
Holders.
• This provides an excellent
mechanism for delivering
Social Benefits to the ID
Card Holders remotely
thus greatly enhancing
e-Government initiatives.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
National ID Services y include a number of a components to provide a trust based ID Validation Gateway: 1. ID Card- is the card genuine? 2. Card Holder information- is the public
data read from the card correct? 3. Card Holder Identity claim- is the ID
claimed correct? Verify the certificate, Verify the Biometrics Off the card
irrefutable verification of Identity and secure validation of presented credentials.
UAE Validation Gateway
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Federal Identity Strategy
• National ID Services include a number of a
components to provide a trust based ID
Validation Gateway:
1. ID Card- is the card genuine?
2. Card Holder information- is the public data
read from the card correct?
3. Card Holder Identity claim- is the ID claimed
correct? Verify certificate & biometrics.
• irrefutable verification of Identity and secure
validation of presented credentials.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
National ID Provider
ID & ID Services Provider
ID + ID Services + Transaction Facilitator
Strategic ID Services Consultant- Information Intelligence
2011 2012 2013 2014
1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
Org
aniz
atio
nal
Mat
uri
ty
Target: 8 Million Registrations
Target: ICAM Framework, SOA, PKI
& Basic ID Services
Target: SOA, National ID Portal and full ID
Management Services
Target: Mature ID Services for External Government Tie-Ups
Objectives
Initiatives
Projects
Organizational Transformation
The roadmap is
an indicator of
Emirates ID
Authority
transformation
to a Service
Organization.
From an issuer
of Identity,
Emirates ID is
evolving into a
Service based
organization.
Federal Digital Identity Roadmap
Strategic Planning process to introduce PKI, Validation Gateway, etc.
© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority
Ali M. Al-Khouri | Director General |
Emirates Identity Authority | [email protected]
Thank you
www.emiratesid.ae