The Digital Transformation Agency has released its Trusted Digital Identity Framework for public view, after private consultation with unspecified government and industry stakeholders as well as privacy advocates.
Angus Taylor, the Assistant Minister for Digital Transformation, said “a nationally-consistent approach to how digital identity will be managed” was the aim of the framework, which is made up of 14 documents.
“These detail requirements including the process for accrediting providers, privacy and security considerations, risk and fraud management, as well as outlining standards for usability and accessibility,” the DTA says.
The TDIF accompanies the DTA’s own digital identity technology platform, Govpass, which is currently in a private beta testing process.
The framework explains how an organisation can be accredited as an “identity service provider”, a “credential service provider”, an “identity exchange” or a combination of the three.
Other documents provide information about privacy and cyber security assessments, user experience, risk management and fraud control.
Anyone who wants to comment on any or all of the documents has about three weeks to do so through the DTA’s feedback system, after registering with a phone number and email address.
The labyrinth of technical information is not easy for non-experts to navigate, but there are various glossaries and other signposts to guide us through the “digital identity federation” it describes. For example:
- Accredited Providers are organisations and government agencies that have achieved Trust Framework accreditation.
- Credential Service Provider is an entity that undergoes the Trust Framework Accreditation Process. They generate and manage authentication credentials which are provided to individuals. This function may be internalised within an Identity Service Provider.
- Identity Exchange is an entity that undergoes the Trust Framework Accreditation Process. This entity conveys, manages and coordinates the flow of identity attributes and assertions between members of the identity federation. Once an Identity Exchange has been granted accreditation it becomes a trusted core element of the identity federation.
- Identity Service Provider is an entity that undergoes the Trust Framework Accreditation Process. They verify the identity of individuals, bind an identity to an authentication credential and assert identity to other members of the identity federation.
- Relying Party is an entity that relies on verified identity information and assertions provided by an Identity Service Provider (or a Credential Service Provider) through an Identity Exchange to enable the provision of a digital service.