Best Practice
Facebook Twitter LinkedIn

Best Practice

Combined Session
Wednesday, May 06, 2015 14:30—15:30
Location: AMMERSEE I

Identity @ The Guardian - SSO at Web Scale

The Guardian’s web and mobile application usage rates are experiencing explosive growth.  This growth is driven by an increased consumption of news online.  Today’s users have high expectations in terms of usability, security and performance.  This session aims to highlight the challenges that Identity faces and will discuss the technology that can be used to keep pace in this fast moving development environment.

Topics covered will be:

Mark Butler
Mark Butler
The Guardian
Mark Butler has over 12 years of professional software development experience in the media industry. He is the Technical Lead of the Identity project at The Guardian in London. He is responsible...

Rethinking Digital Identity: The Australian Government Story

The Australian Government’s coordinated approach to digital identity started in the business-to-government domain, with the creation of a whole-of-government credential (AUSkey) and trust broker (VANguard) in 2007. A separate process occurred in the citizen-to-government domain (myGov) in 2013.

This case study examines the policy decisions leading to the creation of these systems, and the technical challenges and compromises that followed. This includes the decision to use digital certificates for business transactions, but username/password-based credentials for citizens. It also explains the delay between centralizing business-to-government and citizen-to-government authentication, partly due to the Australian public’s rejection of nationalized identity in the Australia Card.

At a more technical level, it also discusses multiple exposed and exploited security flaws, which threatened the security benefits of this centralized authentication.

Finally, the case study details the changing environment of digital identity, and the technical and policy questions currently being uncovered by the Australian Government in its quest to have all 50,000+ transaction-per-annum systems available end-to-end digitally.

Key takeaways:

  1. Understanding Australia’s approach to digital identity and where it is heading under the Australian Government’s digital policy agenda, with comparisons to other countries
  2. Appreciation of the hidden security costs of centralized authentication, and the effect of failures
  3. Demonstration of how the differences between various authentication and identity domains can necessarily lead to significantly different outcomes and technologies, in the whole-of-government space

Rethinking Digital Identity: The Australian Government Story
Presentation deck
Rethinking Digital Identity: The Australian Government Story
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Ben Bildstein
Ben Bildstein
Department of Industry and Science (Australian Government)
Ben Bildstein has been working for the Australian Government in the authentication and digital identity space for five years, with experience ranging from systems-level implementation to high-level...
Subscribe for updates
Please provide your email address