Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- D4.1: Structured account of approaches on interoperability.
- D4.2: Set of requirements for interoperability of Identity Management Systems.
- D4.4: Survey on Citizen's trust in ID systems and authorities.
- D4.5: A Survey on Citizen’s trust in ID systems and authorities.
- D4.6: Draft best practice guidelines.
- D4.7: Review and classification for a FIDIS identity management model.
- D4.8: Creating the method to incorporate FIDIS research for generic application.
- D4.9: An application of the management method to interoperability within e-Health.
- D4.10: Specification of a portal for interoperability of identity management systems.
- D4.11: eHealth identity management in several types of welfare states in Europe.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
Application of the Activity Chart in Practice
The Activity Chart discussed earlier has been expanded into more detail as shown in Figures 5 and 6. Each part of the chart has been subdivided into Steps and Step 1 has been further divided into Processes. The steps are those that need to be considered when performing identity management activities.
If any of the boxes on these diagrams are selected on the digital version of the Activity Chart, a hyperlink will take the user to the appropriate part of the portal where support or guidance notes will be provide assistance to enable the user to complete a particular task. References will be made to the relevant parts of FIDIS deliverables.
Each process box has been given a unique reference, e.g. P1.1, which will enable cross- reference to a Check-list that will be provided.
Figure 5: Step 1: Identity Management Processes
Figure 6: Steps 2 – 5
Brief descriptions of typical activities that need to be performed in each box are provided for each step in the Activity Chart. Where appropriate, examples have been taken from e-Health applications.
Step 1: Identity Management Processes
Process 1: Specify Requirements
P1.1: Define Assignment
Specify e-Health or application of interest
Specify aspects of identity that need to be included
Describe other stakeholders involved
Detail previous experience to be included
P1.2: Set Boundaries
Define scope of assignment
Define time-scale
Determine resource requirements:
Personnel
Finance
P1.3: Identify Controlling Factors
Check legislative requirements
Determine financial limits
Specify requirements of each stakeholder
P1.4: Develop Conceptual Model
Prepare process models & information maps
Specify security requirements
Specify software requirements:
Development of software with:
Links to internal software
Links to external software
Process 2: Define Processes
P2.1: Specify Identity Activities
Patient lifecycle
Healthcare delivery
Medical records
Relevant research projects
P2.2: Develop Identity Processes and Procedures
Primary care
Secondary care
Tertiary care
Interfaces between stakeholders
Security procedures
P2.3: Develop Management Processes and Procedures
Local governance
Regional governance
National governance
EU international governance
Within and between stakeholders
P2.4: Specify Audit, Monitoring and Compliance Procedures
Select audit points
Specify monitoring and auditing procedures
Ensure compliance
Process 3: Specify Stakeholders
P3.1: Specify Stakeholders
Health departments
Health authorities
Doctors’ surgeries
Hospitals
P3.2: Agree Identities to be Created, Shared or Exchanged
Personal
Locational
Medical
Biological
P3.3: Specify Roles and Responsibilities
Ensure legal obligations
Maintain all records
Ensure security of information
Perform staff training
Manage procedures within and between stakeholders
Ensure compliance
P3.4: Specify Processes and Procedures
Identity procedures within & between stakeholders
Rules, regulations, statutes & directives
Investigation procedures
Training procedures
P3.5: Specify Security and Matching Check Measures
Specify security in all parts of software and manual systems
Specify matching checks for all types of identity
Specify tolerances
Process 4: Information Management
P4.1: Information
Personal details
Location details
Next of kin details
Medical details
Biological details
Stakeholder details
P4.2: Duty of Care
Ensure legal obligations
Maintain all records
Ensure security of information
Perform staff training
Manage procedures within and between stakeholders
Ensure compliance
P4.3: Processes and procedures
Identity procedures within & between stakeholders
Comply with rules, regulations, statutes & directives
Investigation procedures
Training procedures
P4.4: Enabling Technologies
Profiling
Interoperability
Forensics
High Tech ID
Mobility
P4.5: Audit and Control
Specify audit points
Specify monitoring & auditing procedures
Ensure compliance
Step 2: Specify Identity Types
I2: Personal identity
Name
Signature
Insurance number
Citizen Service Number
Passport
Nationality
I2: Biological Identity
Gender
Iris print
Fingerprint
DNA
Voice
I3: Situational Identity
Qualifications
Profession
Employment
Travel
I4: Locational Identity
Address
Electoral Roll
e-mail address
Business address
Step 3: Specify Identity Technologies
T1: Profiling
Vast amounts of data have to be processed
Analysis of databases needs to be performed
Protect privacy
T2: Interoperability
Sharing & exchanging information
Specify stakeholders and their roles and responsibilities
Communication network
Security
T3: Forensics
Analysis of ID crimes
Accuracy of tech devices
Integrity of data
Forensic profiling
T4: High Tech ID
PKI
Biometrics
Electronic signatures
RFID
T5: Mobility
Law, technology & sociology aspects
Mobile devices, smart phones, smart cards
Location Based Services
Step 4: Specify Identity Lifecycle
L1: Creation
Collection and correlation
Digital representation
Accuracy
Completeness
Authenticity
Uniqueness
L2: Storage
Devices
Volumes
Security
Duplication & back-up
Access
Protect against copying for fraudulent activities
L3: Matching Check
Digital Identities to be checked
Accuracy of checks
Verification
Checking authority
L4: Maintenance
Authorization of updates
Updating all databases
Ensuring synchronization
L5: Deletion
Authorization of deletion
Deletion from all databases
Archive all deletions
Identity Applications
e-Government
Applications include:
Vehicle registration
Social benefits
Passports
e-Health
Applications include:
Medical records
Medical insurance
Healthcare provision
e-Commerce
Applications include:
Banking services
Online purchases
Payment of bills
6 / 12 |