Identity 2.0 is insecure?
Petko D. Petkov a.k.a. pdp wrote a provocative post entitled "Identity 2.0: How Attackers Break into Identity-centric Services". As you can imagine, I was intrigued by such a title.
In the post, pdp talks about how the real world is decentralized and then claims that Identity 2.0 is centralized. An Identity 2.0 architecture is similarly decentralized: you obtain claims or credentials from whoever is authoritative about some aspect of your identity, and then present them to others to prove you have a particular attribute. A driver’s license proves you are able to drive, and is also accepted to prove your age, name and residency; the authority that issues it, for me, is the Province of BC. The authority for these claims is centralized for a certain group of people in the real world. That is how we get trust to scale. Identity 2.0 enables it to work similarly in the online world.
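To make the claims model above concrete, here is an added example; it is not code from the original post, nor from OpenID, CardSpace or Sxip. A hypothetical issuer (the Province, in the driver's licence analogy) signs a claim with an Ed25519 key, and a relying party accepts claims about an attribute only from the issuers it has decided are authoritative for that attribute. Trust is centralized per authority, but verification needs no call back to the issuer, and a claim that is altered, forged by a non-authoritative party, or past its expiry is rejected. The claim fields, the issuer names and the "age_over_19" attribute are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
	"time"
)

// Claim is a hypothetical attribute claim (illustration only, not a real protocol format).
type Claim struct {
	Issuer    string `json:"iss"`  // who is authoritative for this attribute
	Subject   string `json:"sub"`  // whom the claim is about
	Attribute string `json:"attr"` // e.g. "age_over_19"
	Value     string `json:"val"`
	Expires   int64  `json:"exp"` // unix seconds
}

// SignedClaim is a claim plus the issuer's signature over its canonical encoding.
type SignedClaim struct {
	Claim     Claim
	Signature []byte
}

// canonical is the byte string that gets signed; fixed struct field order keeps encoding/json deterministic.
func canonical(c Claim) ([]byte, error) { return json.Marshal(c) }

// Issuer holds an authority's signing key.
type Issuer struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewIssuer(name string) (*Issuer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Issuer{Name: name, Pub: pub, priv: priv}, nil
}

// Issue produces a claim the subject carries and presents to anyone who trusts this issuer.
func (i *Issuer) Issue(subject, attr, value string, now time.Time, ttl time.Duration) (SignedClaim, error) {
	c := Claim{Issuer: i.Name, Subject: subject, Attribute: attr, Value: value, Expires: now.Add(ttl).Unix()}
	b, err := canonical(c)
	if err != nil {
		return SignedClaim{}, err
	}
	return SignedClaim{Claim: c, Signature: ed25519.Sign(i.priv, b)}, nil
}

// RelyingParty decides, per attribute, which issuers it treats as authoritative.
type RelyingParty struct {
	trusted map[string]map[string]ed25519.PublicKey // attribute -> issuer -> public key
}

func NewRelyingParty() *RelyingParty {
	return &RelyingParty{trusted: map[string]map[string]ed25519.PublicKey{}}
}

func (rp *RelyingParty) Trust(attr, issuer string, pub ed25519.PublicKey) {
	if rp.trusted[attr] == nil {
		rp.trusted[attr] = map[string]ed25519.PublicKey{}
	}
	rp.trusted[attr][issuer] = pub
}

// Verify checks authority, freshness and signature without contacting the issuer.
func (rp *RelyingParty) Verify(sc SignedClaim, now time.Time) error {
	pub, ok := rp.trusted[sc.Claim.Attribute][sc.Claim.Issuer] // nil map lookup is safe in Go
	if !ok {
		return fmt.Errorf("issuer %q is not authoritative for %q", sc.Claim.Issuer, sc.Claim.Attribute)
	}
	if now.Unix() >= sc.Claim.Expires {
		return fmt.Errorf("claim expired at %d", sc.Claim.Expires)
	}
	b, err := canonical(sc.Claim)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, b, sc.Signature) {
		return fmt.Errorf("signature does not verify: claim altered or forged")
	}
	return nil
}

// Scenario presents four claims to one relying party and returns each outcome (nil means accepted).
func Scenario() (genuine, tampered, wrongIssuer, expired error) {
	now := time.Date(2007, 8, 9, 12, 0, 0, 0, time.UTC) // constructed clock
	province, _ := NewIssuer("Province of BC")         // hypothetical authority
	randomSite, _ := NewIssuer("random-site.example")   // anyone can mint keys; that does not make them authoritative
	rp := NewRelyingParty()
	rp.Trust("age_over_19", province.Name, province.Pub)

	alice, _ := province.Issue("alice", "age_over_19", "true", now, 24*time.Hour)
	genuine = rp.Verify(alice, now)

	forged := alice
	forged.Claim.Subject = "mallory" // Mallory presents Alice's claim as her own
	tampered = rp.Verify(forged, now)

	self, _ := randomSite.Issue("mallory", "age_over_19", "true", now, 24*time.Hour)
	wrongIssuer = rp.Verify(self, now)

	expired = rp.Verify(alice, now.Add(48*time.Hour))
	return
}

func main() {
	genuine, tampered, wrongIssuer, expired := Scenario()
	fmt.Println("genuine:", genuine)
	fmt.Println("tampered:", tampered)
	fmt.Println("wrong issuer:", wrongIssuer)
	fmt.Println("expired:", expired)
}
```

The relying party's trust table is the online analogue of "the Province is who I accept a licence from": the decision about who is authoritative is the relying party's, and it can differ per attribute, which is the decentralization the paragraph describes.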
While identifying himself as a newbie with the statement "Identity management services such as OpenID, Microsoft’s CardSpace, Sxip, YADIS", pdp brings up Cross Site Scripting, Cross Site Request Forgery and Phishing as issues with these technologies. I’m so glad that he pointed these issues out. I don’t know what we were all thinking when developing these technologies. Seriously though, these are known issues, and having multiple ways of solving them while still having a standard protocol is a "good thing". Currently there are a number of different ways of solving these issues that various parties are developing. In the OpenID world, we worked on the OpenID Provider Authentication Policy Extension (PAPE) to address some of them. Summary: it is still early days and there are lots of pieces to get figured out, but that does not mean we have not been thinking about the issues.
The author does make a good point about the user losing control of her identity provider. There are a number of ways of solving this, usually in the form of multiple levels of control and multiple sources of control. More on that later.
BC Gov releases requirements and architecture for public sector identity management
After over a year of effort, I’m excited to see the results of many people become publicly available.
The Province of BC wants to enable the right people to get the right information at the right time to enable better outcomes. One of the initial roadblocks in accomplishing this goal is knowing who the right people are — an identity management problem. The Province held an Identity Management Forum over a year ago and invited representatives from the various provincial ministries, the broader public sector and Identity and Access Management vendors. They invited me to come and speak as well. The result of the Forum was a desire from all parties to work towards resolving the issue(s).
I volunteered to lead the vendors, and after kicking the issues around a couple of times, it was clear that there was not a common understanding of the problem. Discussions were similar to the proverbial group of blind men all trying to describe the elephant. We proposed a project to the CIO office to gather the public sector and vendors together, identify representative use cases, clarify requirements (PDF) and then develop an architecture (PDF) that would satisfy those requirements. I had the honour of being the cat herder for the project, and there was great participation from pretty much all the participants. Many of them commented on how their perceptions of the issues and possible solutions had shifted during the project.
Here is a quote from the architecture introduction that gives a sense for the issue:
Over the past three decades, the Provincial Government and Broader Public Sector (BPS) organizations have invested heavily in the automation of business processes. Much of this investment has taken place only to meet a single organization’s unique local needs. It was usually done with limited consideration towards building interoperable cross-organizational information architecture.
To achieve the broader goals of the Province and improve service delivery, a mechanism must be created to securely share information between organizations and systems. An important piece of this mechanism is the development of common cross-organizational standards for interoperable identity management.
Following is the posting from the province:
The Office of the Chief Information Officer (OCIO) for the Province of British Columbia, with the advice and counsel of an executive committee of Broader Public Sector (BPS) Chief Information Officers (or equivalent) and key industry leaders, has collaborated to develop an architecture that would enable an identity management service for the government and the BC BPS.
The goal of this project is to develop an identity management architecture to enable interoperation across a diverse range of public sector organizations and their service providers using multiple vendors’ technology solutions.
The OCIO would like to thank the following contributors to the BC Identity Management Forum, without whose efforts the deliverables below would not have been realized.
The two major deliverables identified as key to the success of the project goal were:
* Requirements Document (Final Draft 10.3 - August 10, 2007) Adobe Acrobat reader required [PDF 59KB]
* Architecture Document (Final Draft 3.0 - August 10, 2007) Adobe Acrobat reader required [PDF 316KB]
Readers are strongly encouraged to provide constructive comment and feedback for the documents, prior to October 5, 2007, to the Architecture and Standards Branch of the OCIO.
For more information on the BC Identity Management Architecture Project please contact the Architecture and Standards Branch of the OCIO.
The next phase of the project is to identify some implementation pilots and put some solutions in place. Stay tuned for updates!
August 9, 2007
Defrag conference
Eric Norlin (hey, update that blog!) has a new conference, Defrag. I twisted his arm to get onto the speaker list, so that I could be cool and hang out with all the great speakers. This is going to be one of those insightful conferences that have a relatively small number of attendees and a high signal to noise ratio. Those in the identity space will recall that Eric was at Ping Identity and is still working with DIDW. If you register before August 22, you have a 1/10 chance of winning a new iMac.