Part two – Open standards are the key to building a Federated System
- — 18 June, 2012 13:14
Australian Solution - Define our own “everything” standard.
Australia would design and build an open framework for an interoperable Multi-Factor Authentication System.
Critical deliverables would be;
- Establish a “Trusted Bridge” to facilitate design, implementation and ongoing compliance and governance of the framework.
- Ensure that costs were contained and the completed solution was flexible and inexpensive to administer and maintain.
- Ensure that the system was Opt-In only. Australians were vehemently opposed to the implementation of the “Australia Card” and the sole purpose of this framework is to provide unrivalled security for providers and users of online services.
- Encourage new and innovate ways to extend the use and flexibility of the system.
- Assist business with programs to implement their own systems based on the national standard.
- Ensure systems adapt to changes in the security landscape and embrace new concepts and evolve.
Authentication devices would include;
- Phone based Software Token and SMS.
- USB Keys.
- Hardware Keys.
- Credit Cards – HOTP enabled.
- State and Federal issued Photo ID with HOTP.
- Devices compliant with the standard but issued by Vendors for commercial gain. One example would be an authenticator that can operate as a store of value or has biometric data embedded or can store encrypted data.
- Physical Access cards.