Many Pies

Many Pies

Friday, October 05, 2012

Federated Identity and Identity Assurance - why you should care

Yesterday I read a blog entry from the UK Government Digital Service about Identity Assurance.
We’re helping develop a secure service that lets people log in to online government services more easily.
They link to this article by the Telegraph which describes it well (apart from the headline).

I've blogged before about the Polder Consortium where we're thinking about such things. Identity Assurance is part of Federated Identity. If you're in IT then I expect you're going to get friends and family asking you if it's OK to use your Facebook login to access government services. (I suspect a Facebook login may not reach the required standard of assurance.) I'm personally encouraged by the fact that they are consulting with people who worry about privacy.

I think, though, that if you're in IT it's worth understanding about federated identity, authentication, authorisation and assurance levels so at least you can have an informed opinion. (I'll point to a document that's soon going to become available when it does.)

In other news, as they say, the Polder Consortium has released some new standards, recommendations and notes, either because they've gone to Proposed state or because we've decided that some drafts are worth making public.

No comments: