The Trouble With Logins: The Challenges of Online Identity

The article explores the challenges of multiple logins and discusses projects like OpenID and OAuth. It also discusses Identity 3.0, the so-called next generation of identity management

Managing The Development Of Secure Identification - Investigating A National e-ID Initiative Within A Public e-Service Context

This paper investigates the management of developing electronic identification (e-ID) within a public e-service context. e-ID is an important key enabler for secure identification, authentication and digital signing via the Internet and a part of e-service design. As users, and citizens, we become reliant on electronic solutions that give us a certain level of utility and trust, and use e-ID solutions to interact with local and central government in an e-service context. The management of e-ID development in a national context is the case in focus for investigation. Such development initiatives, and especially inter-organizational projects, face a number of challenges. Therefore it is a need for a more thorough understanding of e-ID development within a public e-service context. The purpose is to analyse the contemporary management of e-ID development in Sweden from: a) an e-government systems development life-cycle perspective and b) a project challenge and critical success factor perspective. This study concludes that there are significant challenges involved in managing integrated e-ID development. Challenges involve the organization and management of the program and can be traced back to e-government and general project management literature, but based on this study one can question, e.g. governance models, centralization, and a narrow focus on a technical artefact. Important implications from this paper are a call for further contextual studies of e-ID development, putting the user and organizational setting, path dependency, and governance models in focus.FUSe - Future Safe Electronic Identificatio

A strategic framework for e-government security: the case in Nigeria

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophyCountries across the globe are striving towards full-scale implementation of e-government. One of the issues arising with the efforts to this realization is the assurance of secure transactions while upholding high privacy standards. In order to engage citizens in the process, there must be transparency and confidence that the e-government systems they are using are reliable and will deliver the services with integrity, confidentiality and accountability. Different systems require different levels of security according to the services they provide to their users. This research presents an investigation into reasons why e-government security frameworks developed by researchers with the claim that it is one-size-fits-all issue may not hold true, particularly in the case of Nigeria, based on certain identified realities. The claim of a generalized framework appears very challenging because there seem to be much diversity across different governments. Countries differ in one or more of the following characteristics: political systems, legal systems, economic situation, available technological infrastructure, Internet and PC penetration, availability of skills and human resources, literacy levels, computer literacy levels, level of poverty, leadership, and ethnic diversities in terms of norms, languages, and expertise. Security measures implemented in e-government projects in some developed countries, beginning with more established e-government systems around the world, were evaluated and a strategic framework for e-government security proposed which considers both technical and non-technical factors that involve people, processes and technologies. The framework is proposed to advance the rapid adoption of practices that will guarantee e-government security. It seeks to provide a flexible, repeatable and cost-effective approach to implementing e-government security. This research examines the issues of enclosure in the implementation of e-government from the perspective of security and ultimately survivability

Trusted digital identity provision: GOV.UK Verify’s federated approach

The UK’s recently launched GOV.UK Verify service relies on a novel federated approach for digital identity verification. Accredited private companies are tasked with verifying the identities of individuals to enable them to access various government services and portals. The private identity providers can draw on a number of public and private databases to validate users’ identities to a given level of identity assurance. The paper provides an overview of the GOV.UK Verify approach to identity verification. It describes the government’s motivations for developing such a system; the standards, principles, and governance arrangements that underpin it; and how the identity proofing and verification works in practice. It considers the expansion of the Verify model for other government and private sector uses and discusses the exclusion, privacy, and liability risks associated with the use of the system. Finally, the paper highlights important lessons for other countries seeking to develop similar systems for digital access

Surmounting Boundaries: Closing The Governance Gap Governance Arrangements In Public Sector Ict Shared Services

Hundreds of millions of dollars of public money have been spent creating Public Sector ICT Shared Services (PSISS) based on expectations of improved customer service and cost reduction. Unfortunately, the promised benefits have often failed to materialise and governance has been identified as a barrier to PSISS success. The research first locates the concerns that governance, and in particular arrangements for governing PSISS, is contributing to PSISS failure in the academic and practice literatures on PSISS governance. Our current knowledge of PSISS governance is principally informed by literature from three domains: management, public administration and information systems. These domains, to an extent, exist in silos with unique traditions, perspectives and knowledge claims. As a result, how it informs the governance of PSISS could be at best unhelpful and even confusing to practitioners. This state of knowledge is not assisted by “how to govern” guides that obscure their different theoretical origins and do not appear to address the complexity of PSISS governance. Despite this apparent lack of coherent frameworks in the academic and practice literatures, practitioners are expected to use this literature to develop governance arrangements and perform effective PSISS governance. This lack of coherence led me to ask my first research question: How do practitioners perceive PSISS governance in practice? Exploring how PSISS governance occurs in practice through the lived experience of PSISS governance practitioners led me to select grounded theory as an appropriate methodology and research design to examine 20 years of governance practice for an electronic identity (E-ID) PSISS in New Zealand. My grounded theory of practice enabled construction of a public sector governance model to explore vertical and collaborative governance arrangements through three perspectives: system strategy, delivery and assurance. The model has been extended to provide a system-wide public sector governance lens, which was used to reflexively explore current academic literature and seven practitioner informed critical public sector governance issues to answer my refined secondary research question: How have governance arrangements addressed critical issues in public sector governance