URI: www.pensive.eu/uid/0128 Putting Citizens at the Centre of Identity Management www.oasis-open.org Towards a “Personal Data Services Model” Peter F.

1 URI: www.pensive.eu/uid/0128 Putting Citizens at the Centre of Identity Management www.oasis-open.org Towards a “Personal Data Services Model” Peter F Brown Founder, Pensive.eu Chair, “eGovernment Focus group”, CEN (European Standards Agency) Co-Editor, OASIS Reference Model for Service Oriented Architectures All content © 2007, Pensive.eu. Check URI in header for most recent and/or authentic version. This file may be copied on condition that it remains complete and intact, including this page.

2 Overview
An attempt to look at the thorny question of personal data management and gain a wider understanding of:
►what constitutes “personal data”
►how it is identified, authenticated, used and managed
►policy concerns regarding privacy and public policy
and propose a way forward consistent with:
►the idea of eGovernment as central to identity policy
►data and identity protection legislation
►political and social imperatives

3 Transformation
eGovernment must be driven by vision and policy and not by technology
►engineers are essential for providing capability and solutions
►but we need more architects and more visionaries
►we need to balance public interest with citizen concerns
Examine personal data management in context of:
►what is technologically, legally and operationally possible;
►what is politically and socially desirable;
►what is publicly acceptable
See “The Magic Triangle”

4 Transformation
eGovernment is more than just “digitising” paper processes
►Why an eID card? rather than eID management
►look at a model for personal data management that doesn’t just digitise paper processes…

5 Typical current Model
[Diagram: ID record with fields Family Name, Given Name, Date of Birth, N.I. Number, Place of Birth, …]
1. A new record (and data sub-set) created from user input without reference to other pre-existing records
2. Data added by a specific authority without reference back to original record
3. A new record is duplicated from an already secondary source

6 Attraction of “centralised” model
[Diagram: ID record with supplementary data sets attached]
Advantages:
►Referential integrity
►Centrally managed
But:
►There is no single, “Centre”
►No system is “all seeing”
►Doesn’t cover private sector
1. Supplementary data added to source original record and then replicated as needed
2. No record replicated from a secondary source but only through reference to original data set
►Citizen still not in control
►Still focussed on needs of process
►No control over replication of data

7 Who do you trust with your data?
Doctor 91%
Teacher 87%
Professor 74%
Judge 72%
Priest 71%
TV news reader 66%
Scientist 65%
Police Officer 64%
“Person in the street” 53%
Pollster 46%
Civil Servant 46%
Trade Union official 33%
Business Leader 28%
Government Minister 20%
Politician 18%
Journalist 18%
Yourself ??%
Mori: Year 2003, 2000+ British Adults aged 16+

8 Who do you trust to manage your data?
►But who would you trust to “identify” a person?
  ►the person themselves?
  ►a peer group?
  ►a private company?
  ►a public authority?
►And what guarantees do you have,
  ►regarding liability?
  ►regarding data security?
  ►regarding reliability of the identity
(come to think of it: what does “identify” mean and imply?)

9 eID - Liability
►When other people manage our money:
  ►there are strong public policy rules
  ►financial institutions are tightly regulated
  ►there is a clear model of financial liability
►If we can do it for money, why not for Personal Data?
Raises some questions…
►who manages it?
►who is liable?
►who really “owns” it?

10 eID – Data Security
►Personal data is often processed without the citizen having control
►“Processing” of data is based on needs of the process, not on the needs of the citizen
►Rarely validated with the citizen
►No root identity – (small) subset of personal details often sufficient to “identify” – easy for fraudsters
►Authentication models based on per-industry basis not per-citizen: makes it more unmanageable for the individual
►Citizen willingness to share their data depends on situation

11 What is “identity”
►In logic, making the assertion that x = y: For any x and y, if x and y have all the same properties, then x is identical to y
►In eID, the objective of “identifying” some person or thing is not usually to actually “know” who the person is, but rather to identify some selected set of properties needed for some particular purpose:
►On the basis that some group of properties presented to us are the same as some identical group of properties, to assert – because they are identical – that they refer to the same person or object:
  ►e.g. to know that x who is presented to a service is the same person as the y that the service already “knows” (has “on file”)
►A group of properties does not need to be (cannot be) exhaustive, but rather sufficient for the assertion in the particular context:
  ►e.g. many services do not really need to know “who” someone is, only to know some properties (an address, an age, some other set of personal data and/or characteristics) necessary for the completion of a particular service

12 Identity in context
►Is there a single set of characteristics/properties that is always sufficient to uniquely identify someone?
►Is it necessary?
  ►Yes, for some public authorities/public policy reasons but…
  ►In many contexts it will be overkill and too expensive
  ►It will often compromise legitimate concern for privacy
►Another approach:
  ►provide the set of properties necessary per context - no more, no less…

13 A different approach…
Firstly, distinguish between types of personal data:
►Data needed to identify (may vary according to level of authentication needed)
►Data that can identify (most common approach to identity theft)
►Personal Digital Property (from an MP3 to the Deeds of a house…)
and provide “double-key” authentication for every element
[Diagram: “eDoc” and ID record with fields Family Name, Given Name, Date of Birth, N.I. Number, Place of Birth, …]

14 A different approach…
Secondly, architect personal data “provisioning” as a distinct service:
►Personal Data are not just passive “objects” but valuable assets – treat them as such
►Even if services are provided by third parties
►Apply a standard service model
►Leave market to provide compliant solutions
►Leave citizen to choose provider(s) and leave public authorities to verify, validate and authenticate root identity when needed
[Diagram: “eDoc” and ID record with fields Family Name, Given Name, Date of Birth, N.I. Number, Place of Birth, …]

15 A different approach…
Thirdly, apply SOA principles to personal data management:
►“Expose” data and service capabilities only according to need (“service opacity”)
►Make data-use transactional
►Make transactions idempotent
►Always provide execution context
►Provide delegation & Mandate Management
►Provide comprehensive auditing of transactions
[Diagram: “eDoc” and ID record with fields Family Name, Given Name, Date of Birth, N.I. Number, Place of Birth, …; caption: Personal Data used (and signed?) transactionally]

16 A “Personal SOA”
►No a-priori limit to types of data managed
►A single logical (but not necessarily physical) service
►Authenticated transactions, with possibility of “read-once-and-dispose” use of personal data
►User-centred eID management
►Universal interoperability
►Reliable and secure
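
The principles on slides 15 and 16 can be made concrete with a small sketch. The following is an added example, not part of the original presentation: a toy in-memory service showing per-context exposure, idempotent and audited transactions, and read-once release. All class, field and context names are hypothetical, the data is constructed, and an HMAC stands in for the "signed" transactions the slide only hints at.

```python
import hashlib, hmac, json, secrets

# Constructed sample data; every name and value below is hypothetical.
RECORD = {"given_name": "Alex", "family_name": "Example",
          "date_of_birth": "1980-01-01", "address": "1 Sample Street",
          "ni_number": "PLACEHOLDER"}
# Service opacity: each context may see only the attributes it needs.
POLICIES = {"parcel_delivery": {"given_name", "family_name", "address"},
            "age_check": {"date_of_birth"}}

class PersonalDataService:
    def __init__(self, record, policies):
        self._record = dict(record)          # full data set, never returned whole
        self._policies = policies
        self._key = secrets.token_bytes(32)  # HMAC key standing in for a signing key
        self._done = {}                      # tx_id -> first response (idempotency)
        self._tokens = {}                    # read-once token -> released attributes
        self.audit = []                      # one entry per call, replays included

    def request(self, tx_id, requester, context, wanted):
        if tx_id in self._done:              # repeated transaction: no new release
            self.audit.append((tx_id, requester, context, "replayed"))
            return self._done[tx_id]
        allowed = self._policies.get(context, set()) & set(self._record)
        refused = sorted(set(wanted) - allowed)
        resp = {"tx": tx_id, "requester": requester, "context": context}
        if refused:
            resp.update(status="denied", refused=refused)
        else:
            token = secrets.token_urlsafe(16)
            self._tokens[token] = {k: self._record[k] for k in wanted}
            resp.update(status="granted", token=token)
        resp["sig"] = self._mac(resp)        # binds the answer to its execution context
        self._done[tx_id] = resp
        self.audit.append((tx_id, requester, context, resp["status"]))
        return resp

    def redeem(self, token):
        """Read-once-and-dispose: a token yields its data exactly once."""
        return self._tokens.pop(token, None)

    def verify(self, resp):
        body = {k: v for k, v in resp.items() if k != "sig"}
        return hmac.compare_digest(self._mac(body), resp.get("sig", ""))

    def _mac(self, body):
        raw = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, raw, hashlib.sha256).hexdigest()
```

A request that asks for more than its context allows is refused as a whole, and the refusal is itself recorded in the audit trail.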

17 Some steps in this direction already…
►“Personal Data Vault” (Irish Government)
►“Virtual Safe” (French “Mon Service Public”)
►“Citizen Account” (UK GovConnect)
►“e-Ja” (Polish private-sector initiative)

18 A missing element: “data model”
►No agreement about how personal data is defined…
  ►(except by specific industry sectors)
  ►little or no public policy input
  ►certainly no citizen input
►…nor how it is managed…
  ►accessed and delivered transactionally, as a service
►nor by whom…
  ►need to separate issues of ownership and custodianship

19 a “Personal data services model”?
►Need for general model and rules for use
►Keep it simple but extensible
►Make it a matter of public policy
►Possible new initiative at EU level (part of work programme within “eID Roadmap”):
  ►key industry support
  ►Several public administrations interested already
  ►could be most revolutionary issue in eGovernment and public policy this decade
See “The Magic Triangle”

20 eIdentity – not just for people
In an increasingly inter-connected world, we need to clearly identify what we are connecting with digitally:
►not just people
►but also web pages, web services
►documents
►other digital “artefacts”
Stability of identity is a cornerstone of interoperability, security and public confidence in eGovernment and in eServices in general
►Possibly the single most important issue for the “digital world”
[Diagram: “eDoc” and ID, labelled Identify and Authenticate]

21 Where to now?
►Policy
  ►Need for policy support and initiative
  ►Need for involvement in European Commission’s “eID ad-hoc” Group and associated support work and pilot projects
  ►Bring the “magic triangle” issues into public discourse, with politicians and civil society
Concentrate on policy pre-requisites and framework (in particular organisational, administrative and legal issues), not on the technologies

22 Where to now (2)?
►Standards
  ►Do we push for a “standard”, both as an end in itself and as a means of getting the issues on the policy agenda?
  ►Role of “standards” bodies:
    ►Public SO or Industry Consortium? ISO? CEN? OASIS? Liberty Alliance?
    ►Explicitly EU or global (different data protection cultures)
Concentrate on promoting a user-centred model for personal data encapsulation and servicing

23 Where to now (3)?
►Role of Industry:
  ►PPP?
  ►Possible research project(s)?
  ►Proofs of Concept, RFPs and RFCs
  ►Input to pilot projects
Concentrate on building momentum among industry players both to promote technologically feasible approaches and reassure the public polity

24 The Magic Triangle
[Diagram: triangle with vertices “What is technologically feasible?”, “What is politically & socially desirable?” and “What is publicly acceptable?”; labels: “Totalitarian models”, “Anarchic models”, “Utopian models”]

25 The Magic Triangle
[Diagram: triangle with vertices “What is possible?”, “What is politically & socially desirable?” and “What is publicly acceptable?”; labels: “Ideal” balance point, Remains to be done]
In any domain, the current situation on any axis will fall short of the ideal point. The objective should be to reach the ideal balance point between all three factors in the triangle

26 The Magic Triangle
Example: Electronic ID systems
[Diagram: triangle with vertices “What is possible?”, “What is publicly acceptable?” and “What is politically & socially desirable?”; labels: “Ideal” balance point, Personal Data Services Model]
With personal data, start with consideration of what is desirable and acceptable…

27 The Magic Triangle
Example: Electronic ID systems
[Diagram: triangle with vertices “What is possible?”, “What is publicly acceptable?” and “What is politically & socially desirable?”; labels: “Ideal” balance point, Personal Data Services Model]
…and then assess what is possible: technologically, legally, organisationally…

29 URI: www.pensive.eu/uid/0128 Putting Citizens at the Centre of Identity Management Towards a “Personal Data Services Model” peter@pensive.eu www.pensive.eu/uid/0128

