home | contact us | francais | login:
 
>> Home >> Knowledge Management >> IAA Working Group >> Framework, Policy and Guidelines
    

[Normal View]         [Print Preview]        

Research
Taking Care of Business         Citizens First         Publication Sales         Publications and Research
Common Measurements Tool
About the CMT         Benchmarking Service         Publications         Request CMT         FAQs
Knowledge Management
Research Repository         Clearinghouse         Best Practice         Inter-Jurisdictional Task Force         IAA Working Group
Joint Council
PSCIOC         PSSDC         Joint Council         Login
Awards
Heintzman Leadership Award
Events
Event Details

 

IAA Working Group

 

Identification, Authentication and Authorization Framework, Policy and Guidelines

The PSCIOC / PSSDC Cross-Jurisdictional Working Group on Identification, Authentication and Authorization has developed a paper entitled Identification, Authentication and Authorization Framework Policy and Guidelines for consultation.

As the results of this work will have broad implications for access and privacy, information classification and security, it is important to seek input from a variety of key stakeholders across the country. This consultation draft is now being circulated to key stakeholders to seek their input and feedback.

In order for cross-jurisdictional identification authentication and authorization to successfully take place, there are a number of component pieces that will need to be developed, addressed and put in place. This identification authentication and authorization framework policy and guidelines document is meant to be one of those components.

The framework and guidelines set out a structure that jurisdictions can follow that, when used consistently by participating jurisdictions, will enable interoperability by providing a means for aligning business processes with authentication techniques based on a business risk assessment. The aim is to facilitate trust in the growing number of online transactions.

The standards set out in this document are neutral - politically, legally and technologically. It is hoped that this neutrality allows for individual programs or jurisdictions to choose what works best for them within the defined, standardized framework.

This document also identifies other key components for cross-jurisdictional identification authentication and authorization such as the need for an ongoing governance structure, privacy and liability issues to be addressed. A supplemental guideline is included outlining requirements for the development of practice assessment statements.

The consultation draft of the proposed authentication guidelines has been released to seek feedback on the proposed framework from all stakeholders, including Federal, Provincial and Municipal Government agencies and privacy groups.