The management of citizen identity in electronic government

The development of electronic government (eGovernment) systems that enable citizens to transact with governments on-line has brought about a focus on the management of citizen's electronic identity. Identity management (IdM) becomes a key issue in the electronic world where government systems need to prove a citizens' identity in order to provide access to government services. To date, there isn't a standard identity and authentication architecture that governments can easily deploy to support their eGovernment implementations. Citizen users of such systems also need to establish trust and confidence in the on-line service to avoid problems that can arise with phishing or identity theft. Some IdM solutions such as those based on biometrics can not serve all citizens equally and are thus difficult for governments to deploy in a manner which preserves inclusiveness and accessibility of the services. Other issues such as the global mobility of citizens further complicates the issue of remote IdM as citizens may wish to access their respective eGovernment services from any part of the globe. There are clearly many computer security and privacy challenges to creating a globally acceptable solution. In this paper we classify and analyse currently available authentication technologies and their associated risks while presenting key identification and authentication requirements from a government's perspective. Our analysis leads us to suggest specific enhancements to Shared and Federated Authentication System that make impersonation difficult, or impossible.