Canadians are taking advantage of available online services because they’re faster, more efficient and more convenient than traditional delivery methods. This is particularly true of the federal government space, which is a complex labyrinth of programs and services offered by many departments. Canadians who opt to use online services do so with the expectation that these services are secure and that their personal information is protected.
The federal Government On-Line (GOL) initiative has facilitated online service delivery. Individual business units within federal departments have embraced this initiative, but have done so independently and without a cohesive interdepartmental and cross-jurisdictional perspective. More specifically, the result is (a) poor compliance with market-driven standards that are not always suitable to the public sector and (b) discrete programs with isolated applications that can’t talk to each other.
For the end user, this has meant keying and re-keying name, address and contact information for each online program and managing multiple usernames and passwords for access. It has produced a maintenance headache for program administrators and prevented data sharing within departments, between departments or across jurisdictions. These limitations must be addressed if the government plans to evolve its online service offerings and develop even more customer-centric solutions.
Federated information management (FIM) is a new concept that addresses many of these problems. FIM is a privacy-centric secure application that streamlines the user authentication process by coordinating the ID proving steps of individual programs and eliminating duplicate enrolment processes. It facilitates single sign-on through the creation of a Domain Specific Registry (DSR) that stores the user’s common information – identity, address, contact information, role, industry sector, business name, etc. Upon user consent, where applicable, this common information is then “federated” so it can be shared across programs.
FIM provides several benefits, both to the end user and to the federal department administering a FIM-enabled program. Once a user’s ID is verified, multiple service applications can access that information without forcing the user to register with each system separately. The user can assume ownership of personal data and manage this information in real time and can also interact with other departmental programs in which he/she is enrolled. The service provider can tailor information for the user based on his/her profile – that is, the “identity” stored in the DSR. FIM is technology-neutral, based on recognized and accepted standards and specifications rather than on proprietary technology. This enables service providers to deploy FIM using the technology of their choice, thereby maximizing flexibility and scalability.
One FIM success story is at Environment Canada (EC), where it was used to create a departmental information registry that is a single point of user authentication and an authoritative source of client data. OWNERS (One Window to a National Environmental Reporting System) is the first EC program to adopt FIM. OWNERS reduces the burden of reporting emission information by streamlining the reporting process for companies. FIM coordinates a single, clean source of common data that can be shared across numerous programs.
Secure Channel, the Government’s security infrastructure, makes FIM possible by providing the common security platform required for customer-centric services online. Initially designed to enable program-by-program integration, ID proving and authentication for Secure Channel occurred in each program space. However, program-by-program integration has limitations: It creates redundancies in registration, data maintenance and the technical components used for integration. The government recognized the need to advance the concept of a “digital identity” so that, where legislatively possible, a single identity could be used to access multiple programs.
“There is a strong consensus that if you want to be client-centric and save on development costs, the best way to do this is through a common, shared approach,” says Michael de Rosenroll, Director-General, Strategic Infrastructure Services, Public Works and Government Services Canada.
A common approach results when federal programs, departments and even other levels of government work together to benefit Canadians, he says. “Services may be common but the method of delivery is distributed.”
de Rosenroll says Environment Canada’s FIM implementation is an important step forward in the government’s approach to authorizing businesses to access programs and services through Secure Channel. 058316
Tammy McCausland (email@example.com) is a senior writer with Bell Security Solutions Inc.