Cloud Computing Economics - There Is No Free Service

Cloudonomics Journal

Subscribe to Cloudonomics Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloudonomics Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Cloudonomics Authors: Lori MacVittie, Skytap Blog, David H Deans, Shelly Palmer, Tim Crawford

Related Topics: Cloud Computing, Cloudonomics Journal, Government Cloud Computing, Government News, CIO/CTO Update, Java in the Cloud

Blog Feed Post

Identity Assurance best practices for BYOC – Bring Your Own Credentials

securekey3An upcoming webinar hosted by SecureKey will introduce and explain ‘BYOC – Bring Your Own Credentials‘.

I will be moderating the session, and my introduction and overview is to emphasize how this is a global trend right now, a very big one and also one based on and replicating common open standards based models.

Identity Assurance

An example of this global trend is the UK’s plans for implementing ‘Assured Identity’, summarized in this procurement notice.

This describes how they plan to spend around £30m on IDaaS (Identity as a Service), and that the key technical requirements for these services are set out in the following documents:

Identity Proofing and Verification of an Individual 
Requirements for Secure Delivery of Online Public Services
Authentication Credentials for Online Government Services

More details on the technical requirements can be found on gov.uk

In combination these documents describe best practices for ‘Identity Assurance’ – Fundamentally a process of audit and certification so that your Identity authentication process can be reused by different parties, and there are mechanisms in place to manage the various security implications of this approach.

The SecureKey webinar describes this approach as ‘BYOC’ – Bring Your Own Credentials, referring to the fact that you can now log on to your account with the Government of Canada, by reusing one you might have already provided to your bank for example.

In the UK documents they describe a maturity model framework for Identity Assurance, a set of tables for categorizing various aspects of the Identity process – For example if you use an ICAO standardized biometric passport when you ‘validate’ your online identity, then it scores a highest rating of 4.

An identity validated with level 4 documents can therefore act as a level 4 secured credential, and from there a raft of new security-aware application services offered accordingly.

Join this webinar to learn where the Government of Canada are in their adoption of this approach…

The post Identity Assurance best practices for BYOC – Bring Your Own Credentials appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net