Feeds

UK.gov digital boss defends ID assurance scheme

'Days of different logins for every site are numbered'

High performance access to file storage

The Cabinet Office's newly installed digital captain has robustly defended the department's plans to beef up an identity assurance scheme with the help of banks and internet companies.

Mike Bracken, skirting over the fact that a new law will almost certainly be needed to be pushed through Parliament to make such a proposal a reality, is championing the cause.

In a puff piece on the Government Digital Service blog, the ex-Guardianista defended the "federated identity assurance model" by proclaiming that it was "essential for the 'digital by default' initiative".

The main crux of his argument is that anonymous online transactions need to be flushed out to help build trust between taxpayers, the government and corporations.

Indeed, as highlighted yesterday with the launch of Google-backed Midata, the Cabinet Office is very keen to create a new digital biz sector with a scheme that, at its heart, is about offloading identity-handling to the private sector while being gift-wrapped in tantalising 'open data' goo.

"Many people have described this subject as ‘identity management’," said Bracken. "That is an organisation-centric phrase: a notion that organisations hold data about people and have the responsibility for maintaining it.

"We have to reset the subject around the user and recognise that in the digital age people assert identity in many different ways and contexts."

But, don't be entirely fooled, here's the money shot:

The days of creating different user names and passwords for every new website are numbered, thank goodness. There is a strong desire to work collaboratively across the public and private sectors to develop solutions that meet users differing needs.

Bracken then cites various examples of why this ID-dealing game isn't isolated to British shores. It's an international effort, and the Cabinet Office wants to play.

Many readers of these pages have questioned why Maude's department is spending £10m and counting on ID assurance, given that there is already a federated model. Government Gateway was created in the New Labour Directgov era as one-login-to-rule-them-all for taxpayers to access gov-related services.

"[A] lot has moved on in the dozen years since Government Gateway was developed and we have a lot of work to do to develop solutions that work for users in the many contexts that they’ll need them," said Bracken.

Comment

This appears to ultimately mean bridging the gap between taxpayers' usernames and, for example, banks and internet companies - and yes, we're talking Google, Facebook and other big players in the ID arena.

But can such a vision truly be a reality? Let's repeat Bracken's words again: "The days of creating different user names and passwords for every new website are numbered, thank goodness."

Labour, now in opposition and still battle-scarred from its fight for the hated and now-abolished National ID card scheme, is silent about identity assurance for now. Perhaps that's because it's an idea dreamed up in the Cabinet Office that is yet to be tested thoroughly even by other government departments within Whitehall.

It's going to cost Maude's dept £10m to school the likes of the Departments for Work and Pensions and Business, Innovation and Skills in ID assurance. But what price to the British public if a cluster of "trusted private sector identity service providers" becomes the source of authenticating individuals who want to access gov services online? ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.