Security and Government On-Line - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

Security and Government On-Line

Description:

Chief Information Officer Branch Government of Canada PKI Secretariat Gestion du dirigeant principal de l information Security and Government On-Line – PowerPoint PPT presentation

Number of Views:91
Avg rating:3.0/5.0
Slides: 19
Provided by: Heathe243
Category:

less

Transcript and Presenter's Notes

Title: Security and Government On-Line


1
Security and Government On-Line
Government of Canada PKI Secretariat
  • Getting the Model Right

First Annual Privacy and Security
WorkshopNovember 10, 2000
We will have a world class public key
infrastructure in place Prime Minister Jean
Chrétien
2
Origin of Government On-Line Initiative
  • The Government will become a model user of
    information technology and the Internet. By
    2004, our goal is to be known around the world as
    the government most connected to its citizens,
    with Canadians able to access all government
    information and services on line, at the time and
    place of their choosing. (1999 Throne Speech)

3
Government On-Line Targets
4
GOC PKI Secretariat Role
  • To encourage the implementation of policies,
    technologies and governance processes in support
    of secure electronic service delivery and
    Government On Line.
  • To contribute to Canadas position as a trusted
    partner in the new global economy by helping to
    promote an e-commerce-friendly environment.

5
Secure Electronic Service Delivery
  • As electronic transactions increase in complexity
    and sensitivity, so too do the requirements for
    privacy and security
  • Secure Electronic Service Delivery (SESD) is a
    critical component of the Government On-Line
    Initiative

6
Strategy Development
Service Requirements (Business Processes)
Policy and Legal Filters
Canadians' Expectations
Security Options
7
Typical Federal Services and Associated Security
Requirements
  • Information publishing
  • anonymous browsing
  • digitally signed content
  • Application for program or service, updates and
    account review
  • confidentiality
  • authentication
  • authorization
  • non-repudiation
  • secure end-to-end automated processes

8
(No Transcript)
9
Security Options
  • Browsing options
  • https
  • Authentication options
  • SSL/PINs on a program-by-program basis
  • PKI across programs
  • Inclusive approach possible
  • Options not mutually exclusive

10
Canadians Expectations of Electronic Service
Delivery
  • They want to use the Internet to access
    government services
  • Government must deliver services in a secure and
    trusted environment
  • Government must ensure the security and privacy
    of personal information by using the best
    available solutions

11
Security Concerns
  • Private information becoming public
  • Malicious or inadvertent changes to information
  • Information ending up in the wrong hands
  • Information theft and fraud

12
Policy Framework
  • Privacy Act
  • Code of Fair Information Practices
  • authorized program
  • direct collection and informed consent
  • consistent use
  • right of correction
  • Treasury Board Policy on Privacy and Data
    Protection
  • Privacy Impact Assessment

13
PKI and Secure Electronic Service Delivery Issues
  • Privacy
  • Collection and sharing of information between
    government services
  • registration, directory
  • Naming of certificates
  • distinguished names
  • how to prevent data linking and inference
  • Single or multiple certificates
  • No key back up

14
More PKI and SESD Issues
  • Portability
  • Accessibility
  • Across jurisdictions?
  • Privilege Management
  • Addressing the need for distributed privilege
    management
  • Distinguishing between identity and authority
  • Communications
  • Public perception and trust

15
Guiding Principle of SESD Development
  • To fully respect privacy principles while
    collecting and using personal information for
    registration, service requests and help-desk
    purposes

16
Getting the Model Right By . . .
  • Meeting Canadians expectations of Secure
    Electronic Service Delivery
  • Supporting departmental services requirements
  • Building electronic service delivery partnerships
    with the public and private sectors
  • Influencing technology development
  • Communicating effectively

17
Government of Canada PKI
Security and Confidentiality in the Digital
World
18
For more information
  • TBS/CIOB/PKI Web site
    www.cio-dpi.gc.ca/pki/pki_index_e.html
  • GOC PKI Secretariat e-mail
    pki-icp_at_tbs-sct.gc.c
    a
  • Brenda Watkins
    (613) 946-5054

    watkins.brenda_at_tbs-sct.gc.ca
Write a Comment
User Comments (0)
About PowerShow.com