Anil John
Making Digital Services Secure and Trustworthy

Anil John

What Capabilities are Enabled by Public Sector Federated Identity Platforms?

 Tweet  Share  Share  Comment  Print  Email

I've written before about Multi-Sided Platforms and how it provides a model for looking at identity federation. Given that public sector organizations across the world are starting to deploy such platforms (brokers, exchanges, hubs etc), this blog post looks at some potential capabilities that could be enabled by such platforms.

I won't belabor the benefits of minimizing integration pains, enabling protocol mediation and privacy respecting capabilities. They are all critical, but well understood, aspects of why the public sector is going with the Platform-in-the-Middle approach to leveraging non-public sector identity services.

In this post, I would like to focus on two things that have great impact on the adoption of identity federation in the public sector; Culture and Contracts.

Public sector agencies vary in their understanding of identity, and their mission and the nature of their relationship with the citizen often drive that understanding. You will often find a deep and nuanced view of identity, risk and fraud in agencies that maintain a citizen's vital records. As I have noted before, these are the agencies that often have a role in identity establishment.

These agencies believe (and rightfully so) that their internal capabilities for identity proofing are more trustworthy than anything found in the private sector. I personally don't believe in force-feeding these agencies CSPs or Identity Managers. But they may very well find Token Managers, offered via a Platform-in-the-Middle to be an attractive option. It allows them to control the identity proofing and the secure binding to the token. The reverse case is an Agency that has a mature Token Management infrastructure and wants to leverage external Identity Managers.

On the contracting side, using the Platform as the point of demand aggregation to drive pricing negotiations for the services, improves choices while enabling a flexible pricing model based on needed capabilities.

In short, the key to using the platform for identity federation adoption is to have options available, buffet-style, tailored to Agency needs and culture and not a one size fits all solution.

RELATED INFO


Did you find this interesting? Don't miss any new posts. Sign up to automatically receive them now!

I will never share, rent, or sell your information to anyone. Cancel anytime.

This blog post first appeared on Anil John | Blog (https://blog.aniljohn.com). The opinions expressed here are my own and do not represent my employer’s view in any way.

Topic(s):
By on |

Continue The Conversation ...

I would love to know your thoughts on this blog post. Please leave a comment below!

I am a digital security coach. I help technical leaders make digital services secure and trustworthy. Learn more »

Free Updates

I will never share, rent, or sell your information to anyone