e-Gov Guideline Creation Council – Security Working Group Meeting #3


Right after BizDay #1, Nat rushed to this meeting to give his presentation to this council.
This council is supposed to create a national guideline for e-Gov, and possibly for the private sector, on usability and identity assurance. Prof. Sudo, an advisor to OIDF-J, is the chairman of this council. (Mr. Mitsushio, a member of OIDF-J, and the leader of the security working group of CIO aide of ministries, is another member of the council.)

For details, see http://www.kantei.go.jp/jp/singi/it2/guide/index.html (Sorry, it is in Japanese.)

The Agenda was as follows:

1. Opening Remarks
2. Status of e-sig usage
3. On the “Inference articles” of the e-sig and authentication law
4. Technical trends in the technologies that impact the user interface
 4.1 SmartCards and NFC phones
 4.2 Web SSO

I could only attend 4.2 (i.e., my speech) because of my BizDay #1 obligation, so I cannot report on anything but my speech and the discussion that followed it. My presentation was on OpenID and SAML, including PAPE and the CX proposal, and gave several case studies as well. It was very well received. In the following discussion, the importance of a NIST SP800-63 style assurance framework and guidelines that can be used across government and private sectors was noted.

IMHO, this kind of activity is very important for OpenID adoption. There are many companies hesitant to become an RP because the assurance level and legal implications of being an RP are not clear. This kind of council will eventually come up with a national guideline and possibly a new law that covers these, and thus make it much easier for something new like OpenID to be adopted.

