The Development of a Federal Digital Identity

Our Vision: To be a role model and reference point in proofing individual identity and build wealth informatics that guarantees innovative and sophisticated services for the benefit of UAE

www.emiratesid.ae © 2010 Emirates Identity Authority. All rights reserved

Federal Authority| هيئــــــــة اتحــــــــــــادية

“The Development of a Federal Digital Identity”

2011 23 October 2011

Forum 4: IoT Privacy, Security, Standard and Industrial Implantation Session 4-1: IoT Privacy, Security, Standard and Industrial Implantation

Time: 13:30-17:10, Oct 23, 2011 (Sunday), Place: Meeting Room 11, 2nd Floor, DWEC

BIT's 1st Annual International Congress of u-World 2011 October 23-25, 2011

Dalian World EXPO Center (DWEC), China

© 2010 Emirates Identity Authority. All rights reserved هيئــــــــة اتحــــــــــــادية |Federal Authority

2

• Digital World shifting into a new paradigm.

• IP Addressable devices everywhere, Internet has become all pervading.

• IP V6 turned fantasy of “things” communicating digitally into a daily

reality.

• With increasing connectivity, the

complexity of identification increases and

in midst of all “Things” is the Human

Identity!

Internet of Things?

IOT- The U World


• Country wide Internet Backbone

o Facilitating information exchange

o Business Transactions o e-Government

Widespread need for Internet connectivity?

Federal Identity Context

Federal responsibility

• National Critical Infrastructure

o Internet Connectivity o Identity in this digital space


4

Federal Identity Strategy Framework

With Digital Identity becoming a national responsibility, a proper strategy for the Identity Management becomes very imperative at the national level.

UAE Strategy

Framework

designed to

ensure a robust Identity System is

established in

the country.


Federal Identity Strategy

• In recognition of the UAE

government of the imperative

need of a National Identity

strategy

• Emirates Identity Authority was established in 2004

• with the Vision to be the principal reference for

establishing the personal identity and providing

population data in the UAE.


Emirates Identity Authority’s strategic direction has been defined and aims

for (1) national and individual security, (2) simplification of transactions,

(3) facilitation of innovative e-services .



Federal Digital Identity

Emirates Identity

Authority

has defined the

Digital Identity

Framework

with Six main components

Identity Management

Access Management

Policy Management

& Enforcement Compliance

Role Management

Interoperability





Identity Management

provides for all the

processes for, enrolling

the population as a

register for issuing a

digital identity, issuing

credentials for the

Identity and providing

tamper proof storage

of identity in the form

of a Smart Card.


Federal Digital Identity: Services Framework Having issued a Digital Identity to the nation’s population, it is time now for providing the services around the National ID. This framework represents the UAE Nation Identity and Credential Management.

Digital Identity Issuance comprises of a Unique ID Number in the Population Register, Biometrics of the individual enrolled against this IDN and a Digital Certificate Issued to guarantee the ID from a National PKI.

The ID Lifecycle Management takes the center stage of the Identity Services Framework. This translates to managing the Digital ID Lifecycle, the ID Card Lifecycle, the Credentials (Digital Certificates) Lifecycle and management of the personal profiles of the ID holders.


Federal Digital Identity: Services Framework Having issued a Digital Identity to the nation’s population, it is time now for providing the services around the National ID. This framework represents the UAE Nation Identity and Credential Management.

Digital Identity Issuance comprises of a Unique ID Number in the Population Register, Biometrics of the individual enrolled against this IDN and a Digital Certificate Issued to guarantee the ID from a National PKI.

The ID Lifecycle Management takes the center stage of the Identity Services Framework. This translates to managing the Digital ID Lifecycle, the ID Card Lifecycle, the Credentials (Digital Certificates) Lifecycle and management of the personal profiles of the ID holders.

• The ID Lifecycle Management takes the center

stage of the Identity Services Framework.

i.e., managing the Lifecycle of Digital ID, the ID Card,

Credentials (Digital Certificates) and management of the personal profiles of the ID holders.

• Digital Identity Issuance

comprises of a:

(Unique ID Number, Biometrics,

Digital Certificate from a

National PKI).


Federal

Digital

Identity

Service

Architectur

e

The Digital Identity Service Architecture is developed based on the Service Framework. As a Unique ID is created Emirates Identity Authority interacts and integrates the data with multiple Government Agencies in establishing a Unique Identity Profile for every person. This is driven by the National Policies on Identity and supported by the Legal Framework in the country with the existing decrees on Cyber Law and Digital Signatures. Emirates ID Authority Issues ID, provides an ID Card, provides ID Verification Services and Assures the ID. Identity Lifecycle Management is provided resulting in effective Authentication with Multi Factor Authentication mechanisms. Assurance of the ID is provided by the PKI and Time stamping, encryption and decryption services using the personal certificates provided in the ID Card that enable secure transactions. Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.


The Digital Identity Service Architecture is developed based on the Service Framework. As a Unique ID is created Emirates Identity Authority interacts and integrates the data with multiple Government Agencies in establishing a Unique Identity Profile for every person. This is driven by the National Policies on Identity and supported by the Legal Framework in the country with the existing decrees on Cyber Law and Digital Signatures. Emirates ID Authority Issues ID, provides an ID Card, provides ID Verification Services and Assures the ID. Identity Lifecycle Management is provided resulting in effective Authentication with Multi Factor Authentication mechanisms. Assurance of the ID is provided by the PKI and Time stamping, encryption and decryption services using the personal certificates provided in the ID Card that enable secure transactions. Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.

Federal

Digital Identity

Service Architecture

developed based on Service Framework


Using the data services Emirates ID Authority complements the core ID Services that enable Role and Privilege Management to the ID Holders. This provides an excellent mechanism for delivering Social Benefits to the ID Card Holders remotely thus greatly enhancing e-Government initiatives.

Identity Lifecycle Management:

• interacts and integrates

data with multiple

Government Agencies to

maintain a Unique Identity

Profile.

• Verification: multi-factor

authentication mechanisms.

• Assurance: PKI and Time

stamping, encryption and

decryption services using the

personal certificates provided in the ID Card that enable secure

transactions.


• Data services enable Role

and Privilege

Management to the ID

Holders.

• This provides an excellent

mechanism for delivering

Social Benefits to the ID

Card Holders remotely

thus greatly enhancing

e-Government initiatives.


National ID Services y include a number of a components to provide a trust based ID Validation Gateway: 1. ID Card- is the card genuine? 2. Card Holder information- is the public

data read from the card correct? 3. Card Holder Identity claim- is the ID

claimed correct? Verify the certificate, Verify the Biometrics Off the card

irrefutable verification of Identity and secure validation of presented credentials.

UAE Validation Gateway



• National ID Services include a number of a

components to provide a trust based ID

Validation Gateway:

1. ID Card- is the card genuine?

2. Card Holder information- is the public data

read from the card correct?

3. Card Holder Identity claim- is the ID claimed

correct? Verify certificate & biometrics.

• irrefutable verification of Identity and secure

validation of presented credentials.


National ID Provider

ID & ID Services Provider

ID + ID Services + Transaction Facilitator

Strategic ID Services Consultant- Information Intelligence

2011 2012 2013 2014

1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4

Org

aniz

atio

nal

Mat

uri

ty

Target: 8 Million Registrations

Target: ICAM Framework, SOA, PKI

& Basic ID Services

Target: SOA, National ID Portal and full ID

Management Services

Target: Mature ID Services for External Government Tie-Ups

Objectives

Initiatives

Projects

Organizational Transformation

The roadmap is

an indicator of

Emirates ID

Authority

transformation

to a Service

Organization.

From an issuer

of Identity,

Emirates ID is

evolving into a

Service based

organization.

Federal Digital Identity Roadmap

Strategic Planning process to introduce PKI, Validation Gateway, etc.


Ali M. Al-Khouri | Director General |

Emirates Identity Authority | [email protected]

Thank you

www.emiratesid.ae

Technology

The Development of a Federal Digital Identity