The Role of SAML for Identity Management in the Danish Public Sector - OASIS Adoption Forum London (PowerPoint transcript)

1
The Role of SAML for Identity Management in
the Danish Public Sector OASIS Adoption Forum
London, 28th November, 2006
Ministry of Science, Technology and Innovation,
National IT and Telecom Agency
IT Architect Søren Peter Nielsen
2
Agenda
  • A few facts about Denmark
  • Motivations for choosing SAML 2.0
  • Current status and initiatives

3
Denmark - the Fundamentals
  • 5.5 million inhabitants and one of the richest and
    most equal countries in the world
  • Four levels of government with divided
    responsibility for tasks, both horizontal and
    vertical (EU, central government, counties (14),
    municipalities (268))
  • Ongoing major structural reform: fewer regions,
    larger municipalities
  • Public sector makes up 1/3 of workforce
  • Consensus culture in a multiparty system

Has a PKI infrastructure with 700,000 issued
certificates to citizens and public/private
employees
4
Danish e-Government Maturity
Denmark has been number one in e-Readiness for
the last three years according to the Economist
Intelligence Unit and The IBM Institute for
Business Value
5
Recent government decisions, April - June 2006
  • General e-government in Denmark
    • By 2012 all relevant written communication
      between companies, citizens and the public sector
      should be electronic.
  • Open Standards
    • The Danish Parliament requires the government to
      ensure that the use of IT is based on open
      standards.
    • The government is required to maintain a set of
      open standards (January, 2008).
    • A comply-or-explain demand to the authorities to
      follow the use of open standards in new
      solutions.
    • Open standards should after January 2008 be the
      foundation for the development and procurement of
      IT to ensure competition.

6
Danish e-Government has so far followed a
decentralized approach
E-Government services are delivered by many
different organizations
7
  • To give citizens and businesses one-stop
    access to a de-centralized public sector an
    underlying coherent identity infrastructure is
    required
  • To avoid prescribing usage of certain products
    this identity infrastructure must be based on
    open standards
  • SAML 2.0 has become the "standard-of-choice" for
    governments deploying a wide variety of
    identity-based services

This presentation will explain the Danish reasons
for choosing SAML 2.0
8
Creating a coherent, secure, robust, effective and
flexible public sector identity infrastructure is
like eating an elephant
  • One bite at a time

9
Important Goals for the First Bite of Work
  • Support the ability of different authorities to
    use a shared login-service
  • Single Sign-On (SSO)
  • Establish a structure that can be the basis for
    exchanging authorisation information between
    independent organisations
  • Embrace the use of different mechanisms for - and
    levels of - authentication

10
Resulting Reference Architecture for
Cross-organizational Single Sign On
[Diagram: Portal, Identity Provider (IdP) and Service Provider (SP)]
Approved by the Danish Government IT Architecture
Committee after public hearing in Autumn 2005
  • Includes recommendations about
    • Levels of Authentication
    • Core user identity attributes
    • Unique key to link user accounts

Conceptual Architecture is adopted from the US
Federal e-Authentication initiative
SAML 2.0 is the recommended federation standard
11
SAML 2.0 is the recommended standard for
federation in the Danish public sector
  • Approved by IT Architecture committee in April
    2005
  • Reconfirmed in March 2006 together with decision
    to work for convergence among the different
    federation standards/specifications
  • Choice of SAML 2.0 validated by Gartner in
    October 2006 report

12
Basis for Recommending SAML 2.0
  • Based on an evaluation of
    • Functionality according to requirements
    • Support for the standard in commercially
      available products
    • Usage of SAML in other public sector solutions
    • Statements from research and analyst companies
    • Ratified open standard
    • Composability with other ratified standards
      like XACML and SPML
    • Future development of the standard
    • Availability of 3rd party interop
      testing/certification

13
Challenges of having competing standards - The
question is
  • Should federation be considered an integration
    technique that is used to allow several
    organisations to share a limited set of
    applications? or
  • Should federation be considered an underlying
    necessary infrastructure to allow citizens,
    businesses and authorities to collaborate
    broadly?

Can we fulfill the goals in the EU eGovernment
i2010 action plan without taking the
infrastructure perspective?
14
Federation is similar to creating an efficient
railroad infrastructure
  • This cannot be studied as
    • a single station issue
    • an individual line issue
  • This is a question about creating an overall
    efficient infrastructure and how we best spend
    the tax payers' money while creating it

Having tracks of different widths side-by-side
probably isn't the best way to do it
15
But isn't it just a question of putting up
some gateways?
  • Well, it can be a tactical solution, apart from the
    extra cost being pushed into the federation and
    the added performance, scalability and security
    issues
  • However, currently it can only work for lower
    level security scenarios, as the integrity
    requirements for higher level security cannot be
    maintained
  • Illustration follows

16
Danish public sector shared service requirements
for maintaining integrity of users' identity in a
gateway scenario
[Diagram: Login (web or local network) for Citizen / Private employee / Public employee, connected via SAML 2.0 to several Service Providers]
The above is one of the basic use cases for a
Danish public sector federated identity concept.
The SAML 2.0 standard is for many good reasons
the preferred way to support this. However, there
is a desire for a gateway function that also
includes service requesters supporting only the
WS-Federation specification, as illustrated on the
next slide.
17
Danish public sector shared service requirements
for maintaining integrity of users' identity in a
gateway scenario
[Diagram: as on the previous slide, with an added Gateway (WS-FED token -> SAML 2.0 token) in front of the Service Providers; a second login path, WS-Federation with a SAML 1.1 token, is used by public employees]
The desired gateway should allow service
requesters to enter the federation using the
WS-Federation specification and then convert the
WS-Federation supplied token (presumably a SAML
1.1 token, as user attributes also should be
transferred) to a SAML 2.0 token.
18
Danish public sector shared service requirements
for maintaining integrity of users' identity in a
gateway scenario
[Diagram: as on the previous slide; each Service Provider is annotated with either "requires High confidence in asserted identity's validity" or "requires Some confidence in asserted identity's validity"]
The issue for the gateway scenario is when the
service provider requires High confidence in the
asserted identity's validity. This requires the
assertion to be signed at the point of origin.
However, even if WS-Federation allows for signing
the SAML 1.1 token, this signature cannot be
maintained when the token is converted to a SAML 2.0
token.
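The point above, as an added example that is not part of the presentation: a simplified model in which HMAC-SHA256 stands in for the XML signature, the IdP signs a SAML 1.1-style token at the point of origin, the gateway re-issues its claims as a SAML 2.0-style token under its own key, and the service provider finds that only the gateway's signature verifies on the converted token. Token layouts, keys and issuer names are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed keys for the origin IdP and the gateway. HMAC-SHA256 stands in
# for the XML signature a real SAML token would carry (modelling assumption).
IDP_KEY = b"idp-origin-signing-key-constructed"
GATEWAY_KEY = b"gateway-signing-key-constructed"


def sign(token, key):
    """Sign the canonical serialisation of a token: the signature is bound to
    exactly these bytes, so any re-serialisation or re-issue invalidates it."""
    data = json.dumps(token, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify(token, sig, key):
    return hmac.compare_digest(sign(token, key), sig)


def idp_issue(version, subject, role):
    """Origin login: the IdP issues a SAML-style token (constructed layout)
    of the given version and signs it at the point of origin."""
    token = {"version": version, "issuer": "idp.example",
             "subject": subject, "attrs": {"role": role}}
    return token, sign(token, IDP_KEY)


def gateway_convert(token11, sig11):
    """Gateway: verifies the WS-Federation side's SAML 1.1 token, then re-issues
    the claims as a SAML 2.0 token under its own key. The origin signature
    covered the SAML 1.1 bytes and cannot be carried over to the new token."""
    if token11["version"] != "1.1" or not verify(token11, sig11, IDP_KEY):
        raise ValueError("rejecting token: wrong version or bad origin signature")
    token20 = {"version": "2.0", "issuer": "gateway.example",
               "subject": token11["subject"], "attrs": token11["attrs"],
               "original_issuer": token11["issuer"]}
    return token20, sign(token20, GATEWAY_KEY)


def sp_confidence(token, sig):
    """Service provider policy: a signature made at the point of origin earns
    High confidence; a signature made only by the gateway earns Some confidence."""
    if token["version"] != "2.0":
        return "none"           # this SP only accepts SAML 2.0 tokens
    if verify(token, sig, IDP_KEY):
        return "high"
    if verify(token, sig, GATEWAY_KEY):
        return "some"
    return "none"
```

A token issued directly by the IdP as SAML 2.0 reaches "high"; the same claims routed through the gateway reach only "some", because the service provider's trust now rests on the gateway rather than on the point of origin.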
19
Current focus for Danish public sector federation
  • Establishing a shared public sector login
    solution including necessary trust framework
  • Add Attribute Authority to the reference
    architecture
  • Federation of web services
  • Collaboration in Liberty Alliance eGovernment
    Special Interest Group
    • Participation from public sector institutions in
      Finland, France, New Zealand, Norway, UK, USA,
      and Denmark
    • Sample work themes
      • Public sector input to Legal Templates work
      • Develop eGovernment scenarios
      • Business models for federations
      • Promotion of open standards

20
Additional Info
  • Søren Peter Nielsen
  • E-mail: spn@itst.dk
  • Get a document detailing in English the
    motivations for the Danish public sector
    recommendation of SAML 2.0 here:
    http://www.oio.dk/arkitektur/brugerstyring/english/saml

21
Open Standard - The definition
  • Everyone agrees that open standards are good
  • But not everyone agrees on the definition of
    open
  • The Danish definition of a completely open
    standard
    • Available and free for all
    • Stays available and free
    • Freely available and documented in all details
    • NEW: Open process

22
Why open standards?
  • Gives low entry barriers to suppliers
  • Avoid lock-in
  • Make it easier for everyone to make an offer
  • Cheaper solutions
  • More choice
  • Help bring about interoperability
  • Facilitate communication and information
    exchange
  • Fosters innovation!

23
Two paths to G2G interoperability - benefits and
drawbacks
Proprietary standard
  • High entry barriers to IT suppliers due to high
    license costs (or no access to the standard at
    all)
  • Difficult or impossible transformation of data
  • Fewer suppliers
  • Difficult, expensive or impossible migration to
    new systems
  • Expensive or impossible communication and
    information exchange
  • Less competition
  • Need for/tendency towards one common IT system
    (e.g. everyone chooses the MS Office suite)
  • No need for transformation of data
  • Less choice
  • No interoperability G2B, G2C, etc.
  • More expensive solutions
  • No choice (supplier lock-in)
  • G2G Interoperability

Open standard
  • Low entry barriers to IT suppliers since the
    standard is free to use
  • Easier or cheaper transformation of data
  • No need for common IT systems
  • More suppliers
  • Easier communication and information exchange
  • Competition
  • Easier migration to new systems
  • Cheaper solutions
  • Choice (no supplier lock-in)
  • Interoperability G2B, G2C, etc.
  • G2G Interoperability
24
Reference models help moving forward with a
decentralized approach
A reference model is based on a small number of
unifying concepts and is an abstraction of the
key concepts, their relationships, and their
interfaces both to each other and to the external
environment.
  • Gives common language and common understanding
    for a well defined area
  • Helps identify requirements for new standards
  • ...and describe interfaces between different
    elements
  • Creates a base for interoperability in an open
    market
  • Helps creating alignment, removing redundancy,
    identifying shared solutions/components

Reference models have a broad audience. Not all
recipients are necessarily known in advance.