Citizen identity online is still one of the hardest things for a Government to get right. In a way it is strange that it is such a problem, we have been doing ID in the physical world for thousands of years. Some of the first ‘official’ identity documents were produced by Royal Courts so that their representatives could travel to foreign lands to meet with other Royal Courts without being imprisoned. In modern times the average person will carry a number of different identity documents on them; a Passport is proof from my Government about who I am, driving license is a Government Department giving me permission to drive and my Visa Card is my back giving me (limited) permission to spend money.
Online, we seem to still be struggling with identity. A large number of countries have implemented national or regional ID card projects, and many of those will use technologies like certificates to authenticate people. Successfully rolling out a national ID card with an embedded certificate is hard, but it is only half the problem. If we cannot get people to use those cards to authenticate online, then the project is only partially successful.
What I am going to do over the coming weeks is start to dig deeper into some of the issues around online identities and technologies that can really help. I think we are now at a point where we have the technology, the standards and the understanding to start to really reduce the pain of doing online identity for Governments. I believe that using Federation can help tie together the disparate parts of Government and provide a single way that systems from all different vendors can re-use the identity framework.