Duration: 10.46 minutes. Type of file: mp3. Size: 4.31 MB
Hello, and thanks for tuning in this week’s voices interview. Our guest today is Imran Mirza, a former navy commander, specializing in combat systems engineering. Imran is currently Senior Director of the Secure Channel Network, a high-profile federal government initiative whose primary goal is to provide citizens and businesses with secure, private and high-speed access to all federal government on-line services. Imran leads the development and deployment of public key infrastructure systems that ensure secure communications between the Canadian public and federal government departments and agencies.
Welcome to the program Imran.
Hi, how are you.
I’m very well thank you. Imran, I’d like to start off this interview with something very basic and that’s a definition of Secure Channel. I’ve heard it variously described as the foundation of the Government Online (GoL) initiative, the common secure infrastructure through which GoL services are delivered, and so on and so forth. As a senior director responsible for Secure Channel, how would you define and describe this entity?
All the things that you have just indicated are representative of Secure Channel. Back in 1999, the speech from the throne announced the commitment to create a new service delivery channel to complement the existing delivery capabilities that we have. We already had over the counter phone, mail and some limited electronic service delivery. The overall name of that initiative was Government on Line. Essentially, it had three broad phases or initiatives to it: bringing programs and applications online; the second one was gateways and clusters; and the third one was secure common infrastructure – and that is exactly what Secure Channel is.
I understand Secure Channel also serves to integrate three key government networks. Tell us a bit about that?
From a technical perspective you can view Secure Channel as a collection of networks. In essence we have three virtual networks riding on one physical network. For example we have inter-governmental networks. This is the network where all of the government departments exchange information such as e-mail between each other. On that same physical network you also have two other networks – one network known as the data network [and] another network which is used to connect department so that they can test their applications against the data applications that they have on the data network. So physically that is what Secure Channel is.
It’s often said that ultimately Secure Channel is about e-services and their secure delivery through various government departments and agencies to the Canadian public. Could you highlight some of the key services offered through Secure Channel?
Yes. We also have within Secure Channel various services: the Internet working services, the help desk services, the directory services…but the key portion of the Secure Channel are two services: one known as credential management services and the other one as the intelligent brokerage services. Under the credential management services we have deployed Entrust PKI technology that essentially allows us to offer services to government departments and provinces and other government jurisdictions…the ability to authenticate individuals and businesses over the Internet. And remember this is a common infrastructure, so this is the highway. It’s the responsibility of each of the program departments to actually bring applications to the Secure Channel, and use whatever shared secrets – for example – they might have between the citizens and the programs to authenticate the individuals, but they use our infrastructure to do that.
The Record of Employment (ROE) for businesses, I understand, is one very popular service being offered via Secure Channel. Tell us something about this service, and how it helps both companies and the government save time and money.
If you didn’t have the ROE for businesses, each company would have to fill out manually the ROE, and submit that to the government, and give one copy to the employee, each time somebody left the company. Now the companies have an automated way of going directly from their payroll systems – if they’ve designed the system in this manner – to submitting 900 ROEs within a few minutes, across the board. So clearly there are significant savings, not only for the government, but also for the businesses themselves. And to date we know there have been close to between 600,000 to 700,000 ROEs that have been processed. Now you can imagine yourself, if you had to do that manually versus doing it electronically. And the savings to the government, of course, comes in the fact that all of these are done automatically, so the error rate is reduced significantly too.
You’ve mentioned that every department has to do its own business case before deciding to sign on. And apparently 129 have so far have migrated to the Secure Channel Network. What does this mean in practice? If a department says: okay, I was to leverage the features and some of the benefits of Secure Channel…what is this migration – how is that accomplished?
Government used to have a network called GNet. GNet allowed government departments to send e-mails to each other, but it did not have the same robustness as the Secure Channel has. We took those clients that were on the GNet, and we migrated them on to the new Secure Channel network. Of course, as soon as we did that now the same program departments now have the ability to host and utilize our Secure Channel PKI services and our Intelligent Brokerage services.
So when you said they migrated from GNet to the Secure Channel Network, did this involve a change in any of their business processes, in the way they did things…their workflow?
No, not at all because we went through an extensive planning session with them, as to how they were actually going to move over. And each department had a specific timeline to work with us. And we had a “tiger team” that went from one department to the other. Essentially, what they were migrating were their current services. Now where they would have a difference is when they decide they are going to actually put a particular service online. For that, they have to figure out what the business process is going to be, so that they can then integrate their application with the Secure Channel common infrastructure.
Tell us something about the Stats Canada Session Encryption with Automated Login or SEAL service that’s currently being offered through the Secure Channel. What makes this service so special?
The reason it’s special is because this is an anonymous login project. Essentially Stats Canada had a challenge that they wanted to use the Internet channel to do the survey…their census. So what they did was they designed a pilot project and said: “look in 2006, we’re going to do a massive survey and we want the Internet to be a viable channel for people to use.” But the challenge was: how do you assure transmission from a particular house directly to Stats Canada, and how are you able to authenticate the house where the information is coming from. And so we did a co-operative program with them and we said: you know what, we could use PKI technology to do this. We’re going to generate essentially PKI certificates, but once they are used we’re going to discard them, we’re not going to keep them. There’s going to be no hi